report.html

Report generated on 23-Mar-2019 at 22:31:43 by pytest-html v1.20.0

Environment

389-ds-base 1.4.1.1-20190324git37f919a.fc29
Packages {'pytest': '4.3.1', 'py': '1.5.4', 'pluggy': '0.9.0'}
Platform Linux-4.19.13-300.fc29.x86_64-x86_64-with-fedora-29-Twenty_Nine
Plugins {'metadata': '1.8.0', 'html': '1.20.0'}
Python 3.7.2
cyrus-sasl 2.1.27-0.3rc7.fc29
nspr 4.20.0-1.fc29
nss 3.42.1-1.fc29
openldap 2.4.46-10.fc29

Summary

1040 tests ran in 8030.16 seconds.

914 passed, 4 skipped, 107 failed, 20 errors, 13 expected failures, 6 unexpected passes

Results

Result Test Duration Links
Error suites/attr_encryption/attr_encryption_test.py::test_basic::setup 8.98
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
---------------------------- Captured stderr setup -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. attr_encryption_test.py 32 INFO Enable TLS for attribute encryption
Error suites/attr_encryption/attr_encryption_test.py::test_export_import_ciphertext::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/attr_encryption/attr_encryption_test.py::test_export_import_plaintext::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/attr_encryption/attr_encryption_test.py::test_attr_encryption_unindexed::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/attr_encryption/attr_encryption_test.py::test_attr_encryption_multiple_backends::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/attr_encryption/attr_encryption_test.py::test_attr_encryption_backends::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd78bd860>
request = <SubRequest 'enable_user_attr_encryption' for <Function test_basic>>

@pytest.fixture(scope="module")
def enable_user_attr_encryption(topo, request):
""" Enables attribute encryption for various attributes
Adds a test user with encrypted attributes
"""

log.info("Enable TLS for attribute encryption")
> topo.standalone.enable_tls()

suites/attr_encryption/attr_encryption_test.py:33:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/ds_logs/ds_logs_test.py::test_internal_log_level_260::setup 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.fixture(scope="module")
def enable_plugins(topology_st):
topo = topology_st.standalone

log.info("Enable automember plugin")
plugin = AutoMembershipPlugin(topo)
> plugin.enable()

suites/ds_logs/ds_logs_test.py:98:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:58: in enable
self.set('nsslapd-pluginEnabled', 'on')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.AutoMembershipPlugin object at 0x7f8fd7830d68>
key = 'nsslapd-pluginEnabled', value = 'on', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
------------------------------ Captured log setup ------------------------------
ds_logs_test.py 96 INFO Enable automember plugin
Error suites/ds_logs/ds_logs_test.py::test_internal_log_level_131076::setup 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.fixture(scope="module")
def enable_plugins(topology_st):
topo = topology_st.standalone

log.info("Enable automember plugin")
plugin = AutoMembershipPlugin(topo)
> plugin.enable()

suites/ds_logs/ds_logs_test.py:98:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:58: in enable
self.set('nsslapd-pluginEnabled', 'on')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.AutoMembershipPlugin object at 0x7f8fd7830d68>
key = 'nsslapd-pluginEnabled', value = 'on', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Error suites/ds_logs/ds_logs_test.py::test_internal_log_level_516::setup 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.fixture(scope="module")
def enable_plugins(topology_st):
topo = topology_st.standalone

log.info("Enable automember plugin")
plugin = AutoMembershipPlugin(topo)
> plugin.enable()

suites/ds_logs/ds_logs_test.py:98:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:58: in enable
self.set('nsslapd-pluginEnabled', 'on')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.AutoMembershipPlugin object at 0x7f8fd7830d68>
key = 'nsslapd-pluginEnabled', value = 'on', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Error suites/ds_tools/replcheck_test.py::test_state::setup 22.99
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
---------------------------- Captured stderr setup -----------------------------
Job for dirsrv@master1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists
Error suites/ds_tools/replcheck_test.py::test_check_ruv::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/ds_tools/replcheck_test.py::test_missing_entries::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/ds_tools/replcheck_test.py::test_tombstones::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/ds_tools/replcheck_test.py::test_conflict_entries::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/ds_tools/replcheck_test.py::test_inconsistencies::setup 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fd73f74a8>

@pytest.fixture(scope="module")
def topo_tls_ldapi(topo):
"""Enable TLS on both masters and reconfigure both agreements
to use TLS Client auth. Also, setup ldapi and export DB
"""

m1 = topo.ms["master1"]
m2 = topo.ms["master2"]
# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo]

suites/ds_tools/replcheck_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/ds_tools/replcheck_test.py:64: in <listcomp>
[i.enable_tls() for i in topo]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/password/pwdModify_test.py::test_pwd_modify_with_password_policy::setup 0.06
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6cc6e48>
request = <SubRequest 'pwd_policy_setup' for <Function test_pwd_modify_with_password_policy>>

@pytest.fixture(scope="function")
def pwd_policy_setup(topo, request):
"""
Setup to set passwordStorageScheme as CLEAR
passwordHistory to on
passwordStorageScheme to SSHA
passwordHistory off
"""
log.info("Change the pwd storage type to clear and change the password once to refresh it(for the rest of tests")
> topo.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/password/pwdModify_test.py:43:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc693e6d8>
func = <built-in method result4 of LDAP object at 0x7f8fc6941c88>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'info': 'The change of nsslapd-securePort will not take effect until the server is restarted'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log setup ------------------------------
pwdModify_test.py 42 INFO Change the pwd storage type to clear and change the password once to refresh it(for the rest of tests
Error suites/replication/encryption_cl5_test.py::test_algorithm_unhashed[AES]::setup 20.61
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc60814a8>

@pytest.fixture(scope="module")
def topology_with_tls(topology_m2):
"""Enable TLS on all masters"""

> [i.enable_tls() for i in topology_m2]

suites/replication/encryption_cl5_test.py:32:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/encryption_cl5_test.py:32: in <listcomp>
[i.enable_tls() for i in topology_m2]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
---------------------------- Captured stderr setup -----------------------------
Job for dirsrv@master1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists
Error suites/replication/encryption_cl5_test.py::test_algorithm_unhashed[3DES]::setup 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc60814a8>

@pytest.fixture(scope="module")
def topology_with_tls(topology_m2):
"""Enable TLS on all masters"""

> [i.enable_tls() for i in topology_m2]

suites/replication/encryption_cl5_test.py:32:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/encryption_cl5_test.py:32: in <listcomp>
[i.enable_tls() for i in topology_m2]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Error suites/replication/tls_client_auth_repl_test.py::test_ssl_transport::setup 21.10
topo_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5ea55f8>

@pytest.fixture(scope="module")
def tls_client_auth(topo_m2):
"""Enable TLS on both masters and reconfigure
both agreements to use TLS Client auth
"""

m1 = topo_m2.ms['master1']
m2 = topo_m2.ms['master2']

if ds_is_older('1.4.0.6'):
transport = 'SSL'
else:
transport = 'LDAPS'

# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo_m2]

suites/replication/tls_client_auth_repl_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/tls_client_auth_repl_test.py:53: in <listcomp>
[i.enable_tls() for i in topo_m2]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
---------------------------- Captured stderr setup -----------------------------
Job for dirsrv@master1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists
Error suites/replication/tls_client_auth_repl_test.py::test_extract_pemfiles::setup 0.00
topo_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5ea55f8>

@pytest.fixture(scope="module")
def tls_client_auth(topo_m2):
"""Enable TLS on both masters and reconfigure
both agreements to use TLS Client auth
"""

m1 = topo_m2.ms['master1']
m2 = topo_m2.ms['master2']

if ds_is_older('1.4.0.6'):
transport = 'SSL'
else:
transport = 'LDAPS'

# Create the certmap before we restart for enable_tls
cm_m1 = CertmapLegacy(m1)
cm_m2 = CertmapLegacy(m2)

# We need to configure the same maps for both ....
certmaps = cm_m1.list()
certmaps['default']['DNComps'] = None
certmaps['default']['CmapLdapAttr'] = 'nsCertSubjectDN'

cm_m1.set(certmaps)
cm_m2.set(certmaps)

> [i.enable_tls() for i in topo_m2]

suites/replication/tls_client_auth_repl_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/tls_client_auth_repl_test.py:53: in <listcomp>
[i.enable_tls() for i in topo_m2]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
Failed suites/basic/basic_test.py::test_dscreate 6.50
request = <FixtureRequest for <Function test_dscreate>>

@pytest.mark.skipif(not get_user_is_root() or not default_paths.perl_enabled,
reason="This test is only required if perl is enabled, and requires root.")
def test_dscreate(request):
"""Test that dscreate works, we need this for now until setup-ds.pl is
fully discontinued.

:id: 5bf75c47-a283-430e-a65c-3c5fd8dbadb9
:setup: None
:steps:
1. Create template file for dscreate
2. Create instance using template file
:expectedresults:
1. Should succeeds
2. Should succeeds
"""

template_file = "/tmp/dssetup.inf"
template_text = """[general]
config_version = 2
# This invalid hostname ...
full_machine_name = localhost.localdomain
# Means we absolutely require this.
strict_host_checking = False
# In tests, we can be run in containers, NEVER trust
# that systemd is there, or functional in any capacity
systemd = False

[slapd]
instance_name = test_dscreate
root_dn = cn=directory manager
root_password = someLongPassword_123
# We do not have access to high ports in containers,
# so default to something higher.
port = 38999
secure_port = 63699


[backend-userroot]
suffix = dc=example,dc=com
sample_entries = yes
"""

with open(template_file, "w") as template_fd:
template_fd.write(template_text)

try:
subprocess.check_call([
'dscreate',
'from-file',
> template_file
])

suites/basic/basic_test.py:1190:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['dscreate', 'from-file', '/tmp/dssetup.inf'],), kwargs = {}
retcode = 1, cmd = ['dscreate', 'from-file', '/tmp/dssetup.inf']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['dscreate', 'from-file', '/tmp/dssetup.inf']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError

During handling of the above exception, another exception occurred:

request = <FixtureRequest for <Function test_dscreate>>

@pytest.mark.skipif(not get_user_is_root() or not default_paths.perl_enabled,
reason="This test is only required if perl is enabled, and requires root.")
def test_dscreate(request):
"""Test that dscreate works, we need this for now until setup-ds.pl is
fully discontinued.

:id: 5bf75c47-a283-430e-a65c-3c5fd8dbadb9
:setup: None
:steps:
1. Create template file for dscreate
2. Create instance using template file
:expectedresults:
1. Should succeeds
2. Should succeeds
"""

template_file = "/tmp/dssetup.inf"
template_text = """[general]
config_version = 2
# This invalid hostname ...
full_machine_name = localhost.localdomain
# Means we absolutely require this.
strict_host_checking = False
# In tests, we can be run in containers, NEVER trust
# that systemd is there, or functional in any capacity
systemd = False

[slapd]
instance_name = test_dscreate
root_dn = cn=directory manager
root_password = someLongPassword_123
# We do not have access to high ports in containers,
# so default to something higher.
port = 38999
secure_port = 63699


[backend-userroot]
suffix = dc=example,dc=com
sample_entries = yes
"""

with open(template_file, "w") as template_fd:
template_fd.write(template_text)

try:
subprocess.check_call([
'dscreate',
'from-file',
template_file
])
except subprocess.CalledProcessError as e:
log.fatal("dscreate failed! Error ({}) {}".format(e.returncode, e.output))
> assert False
E assert False

suites/basic/basic_test.py:1194: AssertionError
----------------------------- Captured stdout call -----------------------------
Starting installation... Error: Command '['systemctl', 'start', 'dirsrv@test_dscreate']' returned non-zero exit status 1. ----------------------------- Captured stderr call -----------------------------
Job for dirsrv@test_dscreate.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@test_dscreate.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
basic_test.py 1193 CRITICAL dscreate failed! Error (1) None
Failed suites/ds_logs/ds_logs_test.py::test_log_plugin_on 2.21
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.mark.bz1273549
def test_log_plugin_on(topology_st):
"""Check access logs for millisecond, when
nsslapd-logging-hr-timestamps-enabled=ON

:id: 65ae4e2a-295f-4222-8d69-12124bc7a872

:setup: Standalone instance

:steps:
1. To generate big logs, add 100 test users
2. Search users to generate more access logs
3. Restart server
4. Parse the logs to check the milliseconds got recorded in logs

:expectedresults:
1. Add operation should be successful
2. Search operation should be successful
3. Server should be restarted successfully
4. There should be milliseconds added in the access logs
"""

log.info('Bug 1273549 - Check access logs for millisecond, when attribute is ON')
log.info('perform any ldap operation, which will trigger the logs')
add_users(topology_st.standalone, 10)
search_users(topology_st.standalone)

log.info('Restart the server to flush the logs')
topology_st.standalone.restart(timeout=10)

log.info('parse the access logs')
access_log_lines = topology_st.standalone.ds_access_log.readlines()
> assert len(access_log_lines) > 0
E assert 0 > 0
E + where 0 = len([])

suites/ds_logs/ds_logs_test.py:214: AssertionError
------------------------------ Captured log call -------------------------------
ds_logs_test.py 204 INFO Bug 1273549 - Check access logs for millisecond, when attribute is ON ds_logs_test.py 205 INFO perform any ldap operation, which will trigger the logs ds_logs_test.py 30 INFO Adding 10 users ds_logs_test.py 209 INFO Restart the server to flush the logs ds_logs_test.py 212 INFO parse the access logs
Failed suites/ds_logs/ds_logs_test.py::test_log_plugin_off 5.48
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.mark.bz1273549
def test_log_plugin_off(topology_st):
"""Milliseconds should be absent from access logs when
nsslapd-logging-hr-timestamps-enabled=OFF

:id: b3400e46-d940-4574-b399-e3f4b49bc4b5

:setup: Standalone instance

:steps:
1. Set nsslapd-logging-hr-timestamps-enabled=OFF
2. Restart the server
3. Delete old access logs
4. Do search operations to generate fresh access logs
5. Restart the server
6. Check access logs

:expectedresults:
1. Attribute nsslapd-logging-hr-timestamps-enabled should be set to "OFF"
2. Server should restart
3. Access logs should be deleted
4. Search operation should PASS
5. Server should restart
6. There should not be any milliseconds added in the access logs
"""

log.info('Bug 1273549 - Check access logs for missing millisecond, when attribute is OFF')

log.info('test_log_plugin_off - set the configuration attribute to OFF')
topology_st.standalone.config.set(PLUGIN_TIMESTAMP, 'OFF')

log.info('Restart the server to flush the logs')
topology_st.standalone.restart(timeout=10)

log.info('test_log_plugin_off - delete the previous access logs')
topology_st.standalone.deleteAccessLogs()

# Now generate some fresh logs
search_users(topology_st.standalone)

log.info('Restart the server to flush the logs')
topology_st.standalone.restart(timeout=10)

log.info('check access log that microseconds are not present')
access_log_lines = topology_st.standalone.ds_access_log.readlines()
> assert len(access_log_lines) > 0
E assert 0 > 0
E + where 0 = len([])

suites/ds_logs/ds_logs_test.py:263: AssertionError
------------------------------ Captured log call -------------------------------
ds_logs_test.py 244 INFO Bug 1273549 - Check access logs for missing millisecond, when attribute is OFF ds_logs_test.py 246 INFO test_log_plugin_off - set the configuration attribute to OFF ds_logs_test.py 249 INFO Restart the server to flush the logs ds_logs_test.py 252 INFO test_log_plugin_off - delete the previous access logs ds_logs_test.py 258 INFO Restart the server to flush the logs ds_logs_test.py 261 INFO check access log that microseconds are not present
Failed suites/ds_logs/ds_logs_test.py::test_internal_log_server_level_0 0.04
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.mark.bz1358706
@pytest.mark.ds49029
def test_internal_log_server_level_0(topology_st):
"""Tests server-initiated internal operations
:id: 798d06fe-92e8-4648-af66-21349c20638e
:setup: Standalone instance
:steps:
1. Set nsslapd-plugin-logging to on
2. Configure access log level to only 0
3. Check the access logs.
:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Access log should not contain internal operations log formats
"""

topo = topology_st.standalone

log.info('Delete the previous access logs')
> topo.deleteAccessLogs()

suites/ds_logs/ds_logs_test.py:286:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:3129: in deleteAccessLogs
self.deleteLog(self.accesslog, restart)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:3123: in deleteLog
self.start()
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered to the control process. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ds_logs_test.py 285 INFO Delete the previous access logs
Failed suites/ds_logs/ds_logs_test.py::test_internal_log_server_level_4 0.02
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fd782f128>

@pytest.mark.bz1358706
@pytest.mark.ds49029
def test_internal_log_server_level_4(topology_st):
"""Tests server-initiated internal operations
:id: a3500e47-d941-4575-b399-e3f4b49bc4b6
:setup: Standalone instance
:steps:
1. Set nsslapd-plugin-logging to on
2. Configure access log level to only 4
3. Check the access logs, it should contain info about MOD operation of cn=config and other
internal operations should have the conn field set to Internal
and all values inside parenthesis set to 0.
:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Access log should contain correct internal log formats with cn=config modification:
"(Internal) op=2(1)(1)"
"conn=Internal(0)"
"""

topo = topology_st.standalone

log.info('Delete the previous access logs for the next test')
> topo.deleteAccessLogs()

suites/ds_logs/ds_logs_test.py:333:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:3129: in deleteAccessLogs
self.deleteLog(self.accesslog, restart)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:3123: in deleteLog
self.start()
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered to the control process. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ds_logs_test.py 332 INFO Delete the previous access logs for the next test
Failed suites/import/regression_test.py::test_del_suffix_backend 5.43
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6b6aa58>

def test_del_suffix_backend(topo):
"""Adding a database entry fails if the same database was deleted after an import

:id: ac702c35-74b6-434e-8e30-316433f3e91a
:feature: Import
:setup: Standalone instance
:steps: 1. Create a test suffix and add entries
2. Stop the server and do online import using ldif2db
3. Delete the suffix backend
4. Add a new suffix with the same database name
5. Restart the server and check the status
:expectedresults: Adding database with the same name should be successful and the server should not hang
"""

log.info('Adding suffix:{} and backend: {}'.format(TEST_SUFFIX2, TEST_BACKEND2))
backends = Backends(topo.standalone)
backend = backends.create(properties={BACKEND_SUFFIX: TEST_SUFFIX2, BACKEND_NAME: TEST_BACKEND2})

log.info('Create LDIF file and import it')
ldif_dir = topo.standalone.get_ldif_dir()
ldif_file = os.path.join(ldif_dir, 'suffix_del2.ldif')

dbgen(topo.standalone, 10, ldif_file, TEST_SUFFIX2)

topo.standalone.tasks.importLDIF(suffix=TEST_SUFFIX2, input_file=ldif_file, args={TASK_WAIT: True})

log.info('Deleting suffix-{}'.format(TEST_SUFFIX2))
backend.delete()

log.info('Adding the same database-{} after deleting it'.format(TEST_BACKEND2))
backends.create(properties={BACKEND_SUFFIX: TEST_SUFFIX2, BACKEND_NAME: TEST_BACKEND2})
log.info('Checking if server can be restarted after re-adding the same database')
topo.standalone.restart()
> assert not topo.standalone.detectDisorderlyShutdown()
E assert not True
E + where True = <bound method DirSrv.detectDisorderlyShutdown of <lib389.DirSrv object at 0x7f8fc6b189e8>>()
E + where <bound method DirSrv.detectDisorderlyShutdown of <lib389.DirSrv object at 0x7f8fc6b189e8>> = <lib389.DirSrv object at 0x7f8fc6b189e8>.detectDisorderlyShutdown
E + where <lib389.DirSrv object at 0x7f8fc6b189e8> = <lib389.topologies.TopologyMain object at 0x7f8fc6b6aa58>.standalone

suites/import/regression_test.py:145: AssertionError
------------------------------ Captured log call -------------------------------
regression_test.py 126 INFO Adding suffix:dc=importest2,dc=com and backend: importest2 regression_test.py 130 INFO Create LDIF file and import it tasks.py 438 INFO Import task import_03232019_204230 for file /var/lib/dirsrv/slapd-standalone1/ldif/suffix_del2.ldif completed successfully regression_test.py 138 INFO Deleting suffix-dc=importest2,dc=com regression_test.py 141 INFO Adding the same database-importest2 after deleting it regression_test.py 143 INFO Checking if server can be restarted after re-adding the same database
Failed suites/paged_results/paged_results_test.py::test_multi_suffix_search 4.29
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6ef9358>
create_user = <lib389.idm.user.UserAccount object at 0x7f8fc6fa02e8>
new_suffixes = None

def test_multi_suffix_search(topology_st, create_user, new_suffixes):
"""Verify that page result search returns empty cookie
if there is no returned entry.

:id: 9712345b-9e38-4df6-8794-05f12c457d39
:setup: Standalone instance, test user for binding,
two suffixes with backends, one is inserted into another,
10 users for the search base within each suffix
:steps:
1. Bind as test user
2. Search through all 20 added users with a simple paged control
using page_size = 4
3. Wait some time for the logs to be updated
4. Check access log
:expectedresults:
1. Bind should be successful
2. All users should be found
3. Some time should pass
4. The access log should contain the pr_cookie for each page request
and it should be equal 0, except the last one should be equal -1
"""

search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']
page_size = 4
users_num = 20

log.info('Clear the access log')
topology_st.standalone.deleteAccessLogs()

users_list_1 = add_users(topology_st, 10, NEW_SUFFIX_1)
users_list_2 = add_users(topology_st, 10, NEW_SUFFIX_2)

try:
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')

all_results = paged_search(topology_st.standalone, NEW_SUFFIX_1, [req_ctrl], search_flt, searchreq_attrlist)

log.info('{} results'.format(len(all_results)))
assert len(all_results) == users_num

log.info('Restart the server to flush the logs')
topology_st.standalone.restart(timeout=10)

access_log_lines = topology_st.standalone.ds_access_log.match('.*pr_cookie=.*')
pr_cookie_list = ([line.rsplit('=', 1)[-1] for line in access_log_lines])
pr_cookie_list = [int(pr_cookie) for pr_cookie in pr_cookie_list]
log.info('Assert that last pr_cookie == -1 and others pr_cookie == 0')
pr_cookie_zeros = list(pr_cookie == 0 for pr_cookie in pr_cookie_list[0:-1])
assert all(pr_cookie_zeros)
> assert pr_cookie_list[-1] == -1
E IndexError: list index out of range

suites/paged_results/paged_results_test.py:1064: IndexError
------------------------------ Captured log setup ------------------------------
paged_results_test.py 85 INFO Adding suffix:o=test_parent and backend: parent_base paged_results_test.py 94 INFO Adding ACI to allow our test user to search paged_results_test.py 106 INFO Adding suffix:ou=child,o=test_parent and backend: child_base------------------------------ Captured log call -------------------------------
paged_results_test.py 1041 INFO Clear the access log paged_results_test.py 131 INFO Adding 10 users paged_results_test.py 131 INFO Adding 10 users paged_results_test.py 194 INFO Running simple paged result search with - search suffix: o=test_parent; filter: (uid=test*); attr list ['dn', 'sn']; page_size = 4; controls: [<ldap.controls.libldap.SimplePagedResultsControl object at 0x7f8fc69b9278>]. paged_results_test.py 197 INFO Getting page 0 paged_results_test.py 197 INFO Getting page 1 paged_results_test.py 197 INFO Getting page 2 paged_results_test.py 197 INFO Getting page 3 paged_results_test.py 197 INFO Getting page 4 paged_results_test.py 197 INFO Getting page 5 paged_results_test.py 1052 INFO 20 results paged_results_test.py 1055 INFO Restart the server to flush the logs paged_results_test.py 1061 INFO Assert that last pr_cookie == -1 and others pr_cookie == 0 paged_results_test.py 1066 INFO Remove added users paged_results_test.py 153 INFO Deleting 10 users paged_results_test.py 153 INFO Deleting 10 users
Failed suites/password/pwdModify_test.py::test_pwd_modify_with_different_operation 5.20
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6cc6e48>

def test_pwd_modify_with_different_operation(topo):
"""Performing various password modify operation,
make sure that password is actually modified

:id: e36d68a8-0960-48e4-932c-6c2f64abaebc
:setup: Standalone instance and TLS enabled
:steps:
1. Attempt for Password change for an entry that does not exists
2. Attempt for Password change for an entry that exists
3. Attempt for Password change to old for an entry that exists
4. Attempt for Password Change with Binddn as testuser but with wrong old password
5. Attempt for Password Change with Binddn as testuser
6. Attempt for Password Change without giving newpassword
7. Checking password change Operation using a Non-Secure connection
8. Testuser attempts to change password for testuser2(userPassword attribute is Set)
9. Directory Manager attempts to change password for testuser2(userPassword attribute is Set)
10. Create a password syntax policy. Attempt to change to password that violates that policy
11. userPassword mod with control results in ber decode error

:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Operation should be successful
4. Operation should not be successful
5. Operation should be successful
6. Operation should be successful
7. Operation should not be successful
8. Operation should not be successful
9. Operation should be successful
10. Operation should violates the policy
11. Operation should be successful
"""

> topo.standalone.enable_tls()

suites/password/pwdModify_test.py:88:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed suites/password/pwdModify_test.py::test_pwd_modify_with_subsuffix 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6cc6e48>

def test_pwd_modify_with_subsuffix(topo):
"""Performing various password modify operation.

:id: 2255b4e6-3546-4ec5-84a5-cd8b3d894ac5
:setup: Standalone instance (TLS enabled)
:steps:
1. Add a new SubSuffix & password policy
2. Add two New users under the SubEntry
3. Change password of uid=test_user0,ou=TestPeople_bug834047,dc=example,dc=com to newpassword
4. Try to delete password- case when password is specified
5. Try to delete password- case when password is not specified

:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Operation should be successful
4. Operation should be successful
5. Operation should be successful
"""

log.info("Add a new SubSuffix")
> topo.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/password/pwdModify_test.py:227:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc693e6d8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc6941c88>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'info': 'The change of nsslapd-securePort will not take effect until the server is restarted'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
pwdModify_test.py 226 INFO Add a new SubSuffix
Failed suites/plugins/acceptance_test.py::test_dna 6.48
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_dna(topo, args=None):
"""Test DNA basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d803
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Configure plugin for uidNumber
4. Add a user
5. See if the entry now has the new uidNumber assignment - uidNumber=1
6. Test the magic regen value
7. See if the entry now has the new uidNumber assignment - uidNumber=2
8. Set 'dnaMagicRegen': '-2'
9. Test the magic regen value
10. See if the entry now has the new uidNumber assignment - uidNumber=3
11. Check nsslapd-plugin-depends-on-named for the plugin
12. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
12. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = DNAPlugin(inst)
plugin.disable()
plugin.enable()

if args == "restart":
return

# If args is None then we run the test suite as pytest standalone and it's not dynamic
if args is None:
inst.restart()

log.info('Testing ' + PLUGIN_DNA + '...')

############################################################################
# Configure plugin
############################################################################
dna_configs = DNAPluginConfigs(inst, plugin.dn)
try:
dna_config = dna_configs.create(properties={'cn': 'config',
'dnatype': 'uidNumber',
'dnafilter': '(objectclass=top)',
'dnascope': DEFAULT_SUFFIX,
'dnaMagicRegen': '-1',
'dnaMaxValue': '50000',
'dnaNextValue': '1'})
except ldap.ALREADY_EXISTS:
dna_config = dna_configs.get('config')
dna_config.replace_many(('dnaNextValue', '1'), ('dnaMagicRegen', '-1'))

############################################################################
# Test plugin
############################################################################
users = UserAccounts(inst, DEFAULT_SUFFIX)
user1 = users.create_test_user(uid=1)

# See if the entry now has the new uidNumber assignment - uidNumber=1
entries = inst.search_s(user1.dn, ldap.SCOPE_BASE, '(uidNumber=1)')
assert entries

# Test the magic regen value
user1.replace('uidNumber', '-1')

# See if the entry now has the new uidNumber assignment - uidNumber=2
entries = inst.search_s(user1.dn, ldap.SCOPE_BASE, '(uidNumber=2)')
assert entries

################################################################################
# Change the config
################################################################################
dna_config.replace('dnaMagicRegen', '-2')

################################################################################
# Test plugin
################################################################################

# Test the magic regen value
user1.replace('uidNumber', '-2')

# See if the entry now has the new uidNumber assignment - uidNumber=3
entries = inst.search_s(user1.dn, ldap.SCOPE_BASE, '(uidNumber=3)')
assert entries

############################################################################
# Test plugin dependency
############################################################################
check_dependency(inst, plugin, online=isinstance(args, str))

############################################################################
# Cleanup
############################################################################
user1.delete()
dna_config.delete()
plugin.disable()

# If args is None then we run the test suite as pytest standalone and it's not dynamic
if args is None:
> inst.restart()

suites/plugins/acceptance_test.py:608:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because the control process exited with error code. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. Job for dirsrv@standalone1.service failed because a fatal signal was delivered to the control process. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed suites/plugins/acceptance_test.py::test_linkedattrs 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_linkedattrs(topo, args=None):
"""Test Linked Attributes basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d804
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Add a config entry for directReport
4. Add test entries
5. Add the linked attrs config entry
6. User1 - Set "directReport" to user2
7. See if manager was added to the other entry
8. User1 - Remove "directReport"
9. See if manager was removed
10. Change the config - using linkType "indirectReport" now
11. Make sure the old linkType(directManager) is not working
12. See if manager was added to the other entry, better not be...
13. Now, set the new linkType "indirectReport", which should add "manager" to the other entry
14. See if manager was added to the other entry, better not be
15. Remove "indirectReport" should remove "manager" to the other entry
16. See if manager was removed
17. Disable plugin and make some updates that would of triggered the plugin
18. The entry should not have a manager attribute
19. Enable the plugin and rerun the task entry
20. Add the task again
21. Check if user2 now has a manager attribute now
22. Check nsslapd-plugin-depends-on-named for the plugin
23. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
18. Success
19. Success
20. Success
21. Success
22. Success
23. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = LinkedAttributesPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:676:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.LinkedAttributesPlugin object at 0x7f8fc6b18e80>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_memberof 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_memberof(topo, args=None):
"""Test MemberOf basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d805
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Replace groupattr with 'member'
4. Add our test entries
5. Check if the user now has a "memberOf" attribute
6. Remove "member" should remove "memberOf" from the entry
7. Check that "memberOf" was removed
8. Replace 'memberofgroupattr': 'uniquemember'
9. Replace 'uniquemember': user1
10. Check if the user now has a "memberOf" attribute
11. Remove "uniquemember" should remove "memberOf" from the entry
12. Check that "memberOf" was removed
13. The shared config entry uses "member" - the above test uses "uniquemember"
14. Delete the test entries then read them to start with a clean slate
15. Check if the user now has a "memberOf" attribute
16. Check that "memberOf" was removed
17. Replace 'memberofgroupattr': 'uniquemember'
18. Check if the user now has a "memberOf" attribute
19. Remove "uniquemember" should remove "memberOf" from the entry
20. Check that "memberOf" was removed
21. Replace 'memberofgroupattr': 'member'
22. Remove shared config from plugin
23. Check if the user now has a "memberOf" attribute
24. Remove "uniquemember" should remove "memberOf" from the entry
25. Check that "memberOf" was removed
26. First change the plugin to use uniquemember
27. Add uniquemember, should not update user1
28. Check for "memberOf"
29. Enable memberof plugin
30. Run the task and validate that it worked
31. Check for "memberOf"
32. Check nsslapd-plugin-depends-on-named for the plugin
33. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
18. Success
19. Success
20. Success
21. Success
22. Success
23. Success
24. Success
25. Success
26. Success
27. Success
28. Success
29. Success
30. Success
31. Success
32. Success
33. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = MemberOfPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:880:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.MemberOfPlugin object at 0x7f8fc6979390>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_mep 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_mep(topo, args=None):
"""Test Managed Entries basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d806
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Add our org units
4. Set up config entry and template entry for the org units
5. Add an entry that meets the MEP scope
6. Check if a managed group entry was created
7. Add a new template entry
8. Add an entry that meets the MEP scope
9. Check if a managed group entry was created
10. Check nsslapd-plugin-depends-on-named for the plugin
11. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = ManagedEntriesPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:1116:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.ManagedEntriesPlugin object at 0x7f8fc694b8d0>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_passthru 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_passthru(topo, args=None):
"""Test Passthrough Authentication basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d807
:setup: Standalone Instance
:steps:
1. Stop the plugin
2. Restart the instance
3. Create a second backend
4. Create the top of the tree
5. Add user to suffix1
6. Configure and start plugin
7. Login as user
8. Login as root DN
9. Replace 'nsslapd-pluginarg0': ldap uri for second instance
10. Login as user
11. Login as root DN
12. Check nsslapd-plugin-depends-on-named for the plugin
13. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
"""

inst1 = topo[0]
inst2 = topo[1]

# Passthru is a bit picky about the state of the entry - we can't just restart it
if args == "restart":
return

# stop the plugin
plugin = PassThroughAuthenticationPlugin(inst1)
> plugin.disable()

suites/plugins/acceptance_test.py:1252:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.PassThroughAuthenticationPlugin object at 0x7f8fc6e00be0>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_referint 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_referint(topo, args=None):
"""Test Referential Integrity basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d808
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Replace 'referint-membership-attr': 'member'
4. Add some users and a group
5. Grab the referint log file from the plugin
6. Add shared config entry
7. Delete one user
8. Check for integrity
9. Replace 'referint-membership-attr': 'uniquemember'
10. Delete second user
11. Check for integrity
12. The shared config entry uses "member" - the above test used "uniquemember"
13. Recreate users and a group
14. Delete one user
15. Check for integrity
16. Change the shared config entry to use 'uniquemember' and test the plugin
17. Delete second user
18. Check for integrity
19. First change the plugin to use member before we move the shared config that uses uniquemember
20. Remove shared config from plugin
21. Add test user
22. Add user to group
23. Delete a user
24. Check for integrity
25. Check nsslapd-plugin-depends-on-named for the plugin
26. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
18. Success
19. Success
20. Success
21. Success
22. Success
23. Success
24. Success
25. Success
26. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = ReferentialIntegrityPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:1408:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.ReferentialIntegrityPlugin object at 0x7f8fc6fb0518>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_retrocl 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_retrocl(topo, args=None):
"""Test Retro Changelog basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d810
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Gather the current change count (it's not 1 once we start the stability tests)
4. Add a user
5. Check we logged this in the retro cl
6. Change the config - disable plugin
7. Delete the user
8. Check we didn't log this in the retro cl
9. Check nsslapd-plugin-depends-on-named for the plugin
10. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = RetroChangelogPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:1577:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.RetroChangelogPlugin object at 0x7f8fc6b6ab70>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/acceptance_test.py::test_rootdn 0.00
topo = <lib389.topologies.TopologyMain object at 0x7f8fc6788f98>, args = None

def test_rootdn(topo, args=None):
"""Test Root DNA Access control basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d811
:setup: Standalone Instance
:steps:
1. Enable the plugin
2. Restart the instance
3. Add an user and aci to open up cn=config
4. Set an aci so we can modify the plugin after we deny the root dn
5. Set allowed IP to an unknown host - blocks root dn
6. Bind as Root DN
7. Bind as the user who can make updates to the config
8. Test that invalid plugin changes are rejected
9. Remove the restriction
10. Bind as Root DN
11. Check nsslapd-plugin-depends-on-named for the plugin
12. Clean up
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
"""

inst = topo[0]

# stop the plugin, and start it
plugin = RootDNAccessControlPlugin(inst)
> plugin.disable()

suites/plugins/acceptance_test.py:1694:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:63: in disable
self.set('nsslapd-pluginEnabled', 'off')
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.RootDNAccessControlPlugin object at 0x7f8fc69f7588>
key = 'nsslapd-pluginEnabled', value = 'off', action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, value))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
> raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")
E ValueError: Invalid state. Cannot set properties on instance that is not ONLINE.

/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:369: ValueError
Failed suites/plugins/accpol_test.py::test_glnologin_attr 23.45
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glnologin_attr(topology_st, accpol_global):
"""Verify if user account is inactivated based on createTimeStamp attribute, no lastLoginTime attribute present

:id: 3032f670-705d-4f69-96f5-d75445cffcfb
:setup: Standalone instance, Local account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with createTimestamp as stateattrname
2. lastLoginTime attribute will not be effective.
3. Add few users to ou=groups subtree in the default suffix
4. Wait for 10 secs and check if account is not inactivated, expected 0
5. Modify AccountInactivityLimit to 20 secs
6. Wait for +9 secs and check if account is not inactivated, expected 0
7. Wait for +3 secs and check if account is inactivated, error 19
8. Modify accountInactivityLimit to 3 secs
9. Add few users to ou=groups subtree in the default suffix
10. Wait for 3 secs and check if account is inactivated, error 19
11. Modify accountInactivityLimit to 30 secs
12. Add few users to ou=groups subtree in the default suffix
13. Wait for 90 secs and check if account is not inactivated, expected 0
14. Wait for +28 secs and check if account is not inactivated, expected 0
15. Wait for +2 secs and check if account is inactivated, error 19
16. Replace the lastLoginTime attribute and check if account is activated
17. Modify accountInactivityLimit to 12 secs, which is the default
18. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
18. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nologinusr"
nousrs = 3

log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
log.info('Set attribute StateAttrName to createTimestamp, loginTime attr wont be considered')
modify_attr(topology_st, ACCP_CONF, 'stateattrname', 'createTimestamp')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 2)
log.info('Sleep for 9 secs to check if account is not inactivated, expected 0')
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, nousrs, 2, "Enabled")

modify_attr(topology_st, ACCP_CONF, 'accountInactivityLimit', '20')
time.sleep(9)
> account_status(topology_st, suffix, subtree, userid, nousrs, 2, "Enabled")

suites/plugins/accpol_test.py:578:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:306: in account_status
raise e
suites/plugins/accpol_test.py:303: in account_status
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc66cba08>
args = (6, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'desc': 'Constraint violation', 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: CONSTRAINT_VIOLATION
------------------------------ Captured log call -------------------------------
accpol_test.py 567 INFO AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs accpol_test.py 568 INFO Set attribute StateAttrName to createTimestamp, loginTime attr wont be considered accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs accpol_test.py 572 INFO Sleep for 9 secs to check if account is not inactivated, expected 0 accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 305 ERROR User uid=nologinusr3,ou=groups,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_glnoalt_stattr 3.30
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glnoalt_stattr(topology_st, accpol_global):
"""Verify if user account can be inactivated based on lastLoginTime attribute, altstateattrname set to 1.1

:id: 8dcc3540-578f-422a-bb44-28c2cf20dbcd
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to 1.1
2. Add few users to ou=groups subtree in the default suffix
3. Wait till it reaches accountInactivityLimit
4. Remove lastLoginTime attribute from the user entry
5. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present
6. Wait till it reaches accountInactivityLimit and check users, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nologinusr"
nousrs = 3
log.info('Set attribute altStateAttrName to 1.1')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', '1.1')
topology_st.standalone.restart(timeout=10)
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:635:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:278: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1059: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:833: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:809: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6728850>
args = (2, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ALREADY_EXISTS: {'desc': 'Already exists'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: ALREADY_EXISTS
------------------------------ Captured log call -------------------------------
accpol_test.py 632 INFO Set attribute altStateAttrName to 1.1 accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/accpol_test.py::test_glattr_modtime 16.50
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glattr_modtime(topology_st, accpol_global):
"""Verify if user account can be inactivated based on modifyTimeStamp attribute

:id: 67380839-2966-45dc-848a-167a954153e1
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to modifyTimestamp
2. Add few users to ou=groups subtree in the default suffix
3. Wait till the accountInactivityLimit exceeded and check users, expected error 19
4. Modify cn attribute for user, ModifyTimeStamp is updated.
5. Check if user is activated based on ModifyTimeStamp attribute, expected 0
6. Change the plugin to use createTimeStamp and remove lastLoginTime attribute
7. Check if account is inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "modtimeusr"
nousrs = 3
log.info('Set attribute altStateAttrName to modifyTimestamp')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', 'modifyTimestamp')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 13 secs to check if account is inactivated, expected 0')
time.sleep(13)
check_attr(topology_st, suffix, subtree, userid, nousrs, "modifyTimeStamp=*")
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:686:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
suffix = 'dc=example,dc=com', subtree = 'ou=groups', userid = 'modtimeusr'
nousrs = 3, ulimit = 0, tochck = 'Disabled'

def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck):
"""Check account status for the given suffix, subtree, userid and nousrs"""

while (nousrs > ulimit):
usrrdn = '{}{}'.format(userid, nousrs)
userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)
if (tochck == "Enabled"):
try:
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
except ldap.LDAPError as e:
log.error('User {} failed to login, expected 0'.format(userdn))
raise e
elif (tochck == "Expired"):
with pytest.raises(ldap.INVALID_CREDENTIALS):
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
log.error('User {} password not expired , expected error 49'.format(userdn))
elif (tochck == "Disabled"):
with pytest.raises(ldap.CONSTRAINT_VIOLATION):
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
> log.error('User {} is not inactivated, expected error 19'.format(userdn))
E Failed: DID NOT RAISE <class 'ldap.CONSTRAINT_VIOLATION'>

suites/plugins/accpol_test.py:314: Failed
------------------------------ Captured log call -------------------------------
accpol_test.py 679 INFO Set attribute altStateAttrName to modifyTimestamp accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs accpol_test.py 683 INFO Sleep for 13 secs to check if account is inactivated, expected 0 accpol_test.py 197 INFO Check ModifyTimeStamp attribute present for user accpol_test.py 314 ERROR User uid=modtimeusr3,ou=groups,dc=example,dc=com is not inactivated, expected error 19
Failed suites/plugins/accpol_test.py::test_glnoalt_nologin 25.62
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glnoalt_nologin(topology_st, accpol_global):
"""Verify if account policy plugin works if we set altstateattrname set to 1.1 and alwaysrecordlogin to NO

:id: 49eda7db-84de-47ba-8f81-ac5e4de3a500
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to 1.1
2. Set alwaysrecordlogin to NO.
3. Add few users to ou=groups subtree in the default suffix
4. Wait till accountInactivityLimit exceeded and check users, expected 0
5. Check for lastLoginTime attribute, it should not be present
6. Wait for few more secs and check if account is not inactivated, expected 0
7. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present
8. Set altstateattrname to createTimeStamp
9. Check if user account is inactivated based on createTimeStamp attribute.
10. Account should be inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "norecrodlogusr"
nousrs = 3
log.info('Set attribute altStateAttrName to 1.1')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', '1.1')
log.info('Set attribute alwaysrecordlogin to No')
modify_attr(topology_st, ACCP_CONF, 'alwaysrecordlogin', 'no')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 13 secs to check if account is not inactivated, expected 0')
time.sleep(13)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
time.sleep(3)
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

suites/plugins/accpol_test.py:744:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:306: in account_status
raise e
suites/plugins/accpol_test.py:303: in account_status
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6259d00>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'desc': 'Constraint violation', 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: CONSTRAINT_VIOLATION
------------------------------ Captured log call -------------------------------
accpol_test.py 734 INFO Set attribute altStateAttrName to 1.1 accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 736 INFO Set attribute alwaysrecordlogin to No accpol_test.py 184 INFO Modify attribute value for a given DN accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs accpol_test.py 740 INFO Sleep for 13 secs to check if account is not inactivated, expected 0 accpol_test.py 305 ERROR User uid=norecrodlogusr1,ou=groups,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_glinact_nsact 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glinact_nsact(topology_st, accpol_global):
"""Verify if user account can be activated using ns-activate.pl script.

:id: 876a7a7c-0b3f-4cd2-9b45-1dc80846e334
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin
2. Add few users to ou=groups subtree in the default suffix
3. Wait for few secs and inactivate user using ns-inactivate.pl
4. Wait till accountInactivityLimit exceeded.
5. Run ldapsearch as normal user, expected error 19.
6. Activate user using ns-activate.pl script
7. Check if account is activated, expected error 19
8. Replace the lastLoginTime attribute and check if account is activated
9. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nsactusr"
nousrs = 1
log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:791:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:278: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1059: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:833: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:809: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6259d00>
args = (11, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access', 'info': "Insufficient 'add' privilege to the 'userPassword' attribute"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: INSUFFICIENT_ACCESS
------------------------------ Captured log call -------------------------------
accpol_test.py 790 INFO AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/accpol_test.py::test_glinact_acclock 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glinact_acclock(topology_st, accpol_global):
"""Verify if user account is activated when account is unlocked by passwordlockoutduration.

:id: 43601a61-065c-4c80-a7c2-e4f6ae17beb8
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Wait for few secs and attempt invalid binds for user
3. User account should be locked based on Account Lockout policy.
4. Wait till accountInactivityLimit exceeded and check users, expected error 19
5. Wait for passwordlockoutduration and check if account is active
6. Check if account is unlocked, expected error 19, since account is inactivated
7. Replace the lastLoginTime attribute and check users, expected 0
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "pwlockusr"
nousrs = 1
log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:836:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:278: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1059: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:833: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:809: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6259d00>
args = (12, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access', 'info': "Insufficient 'add' privilege to the 'userPassword' attribute"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: INSUFFICIENT_ACCESS
------------------------------ Captured log call -------------------------------
accpol_test.py 835 INFO AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/accpol_test.py::test_glnact_pwexp 14.21
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_global = None

def test_glnact_pwexp(topology_st, accpol_global):
"""Verify if user account is activated when password is reset after password is expired

:id: 3bb97992-101a-4e5a-b60a-4cc21adcc76e
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Set passwordmaxage to few secs
3. Wait for passwordmaxage to reach and check if password expired
4. Run ldapsearch as normal user, expected error 19.
5. Reset the password for user account
6. Wait till accountInactivityLimit exceeded and check users
7. Run ldapsearch as normal user, expected error 19.
8. Replace the lastLoginTime attribute and check if account is activated
9. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "pwexpusr"
nousrs = 1
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
try:
topology_st.standalone.config.set('passwordmaxage', '9')
except ldap.LDAPError as e:
log.error('Failed to change the value of passwordmaxage to 9')
raise e
log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
log.info('Passwordmaxage is set to 9. Password will expire in 9 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)

log.info('Sleep for 9 secs and check if password expired')
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Expired")
time.sleep(4) # Passed inactivity
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:909:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:313: in account_status
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6259d00>
args = (17, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INVALID_CREDENTIALS: {'desc': 'Invalid credentials', 'info': 'password expired!'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: INVALID_CREDENTIALS
------------------------------ Captured log call -------------------------------
accpol_test.py 901 INFO AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs accpol_test.py 902 INFO Passwordmaxage is set to 9. Password will expire in 9 secs accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs accpol_test.py 905 INFO Sleep for 9 secs and check if password expired
Failed suites/plugins/accpol_test.py::test_locact_inact 28.26
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_local = None

def test_locact_inact(topology_st, accpol_local):
"""Verify if user account is inactivated when accountInactivityLimit is exceeded.

:id: 02140e36-79eb-4d88-ba28-66478689289b
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs before it reaches accountInactivityLimit and check users.
3. Run ldapsearch as normal user, expected 0
4. Wait till accountInactivityLimit is exceeded
5. Run ldapsearch as normal user and check if its inactivated, expected error 19.
6. Replace user's lastLoginTime attribute and check if its activated, expected 0
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Should return error code 19
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "inactusr"
nousrs = 3
log.info('AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 9 secs to check if account is not inactivated, expected value 0')
time.sleep(9)
log.info('Account should not be inactivated since AccountInactivityLimit not exceeded')
account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled")
log.info('Sleep for 2 more secs to check if account is inactivated')
time.sleep(2)
account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled")
log.info('Sleep +9 secs to check if account {}3 is inactivated'.format(userid))
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled")
log.info('Add lastLoginTime attribute to all users and check if its activated')
add_time_attr(topology_st, suffix, subtree, userid, nousrs, 'lastLoginTime')
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

suites/plugins/accpol_test.py:988:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:306: in account_status
raise e
suites/plugins/accpol_test.py:303: in account_status
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'desc': 'Constraint violation', 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: CONSTRAINT_VIOLATION
------------------------------ Captured log setup ------------------------------
accpol_test.py 74 INFO Adding Local account policy plugin configuration entries------------------------------ Captured log call -------------------------------
accpol_test.py 974 INFO AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs accpol_test.py 976 INFO Sleep for 9 secs to check if account is not inactivated, expected value 0 accpol_test.py 978 INFO Account should not be inactivated since AccountInactivityLimit not exceeded accpol_test.py 980 INFO Sleep for 2 more secs to check if account is inactivated accpol_test.py 983 INFO Sleep +9 secs to check if account inactusr3 is inactivated accpol_test.py 986 INFO Add lastLoginTime attribute to all users and check if its activated accpol_test.py 214 INFO Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute accpol_test.py 305 ERROR User uid=inactusr3,ou=people,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_locinact_modrdn 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_local = None

def test_locinact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when moved from ou=groups to ou=people subtree.

:id: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Plugin configured to ou=people subtree only.
3. Wait for few secs before it reaches accountInactivityLimit and check users.
4. Run ldapsearch as normal user, expected 0
5. Wait till accountInactivityLimit exceeded
6. Move users from ou=groups subtree to ou=people subtree
7. Check if users are inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Should return error code 0 and 19
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nolockusr"
nousrs = 1
log.info('Account should not be inactivated since the subtree is not configured')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:1021:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:278: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1059: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:833: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:809: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access', 'info': "Insufficient 'add' privilege to the 'userPassword' attribute"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: INSUFFICIENT_ACCESS
------------------------------ Captured log call -------------------------------
accpol_test.py 1020 INFO Account should not be inactivated since the subtree is not configured accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/accpol_test.py::test_locact_modrdn 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc6e1f160>
accpol_local = None

def test_locact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when users moved from ou=people to ou=groups subtree.

:id: e821cbae-bfc3-40d3-947d-b228c809987f
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs and check if users not inactivated, expected 0.
3. Move users from ou=people to ou=groups subtree
4. Wait till accountInactivityLimit is exceeded
5. Check if users are active in ou=groups subtree, expected 0
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "lockusr"
nousrs = 1
log.info('Account should be inactivated since the subtree is configured')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:1067:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:278: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1059: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:833: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:809: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc678a0f0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'desc': 'Insufficient access', 'info': "Insufficient 'add' privilege to the 'userPassword' attribute"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: INSUFFICIENT_ACCESS
------------------------------ Captured log call -------------------------------
accpol_test.py 1066 INFO Account should be inactivated since the subtree is configured accpol_test.py 266 INFO add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/dna_test.py::test_dnatype_only_valid 0.01
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc603b2b0>

@pytest.mark.ds47937
def test_dnatype_only_valid(topology_st):
"""Test that DNA plugin only accepts valid attributes for "dnaType"

:id: 0878ecff-5fdc-47d7-8c8f-edf4556f9746
:setup: Standalone Instance
:steps:
1. Create a use entry
2. Create DNA shared config entry container
3. Create DNA shared config entry
4. Add DNA plugin config entry
5. Enable DNA plugin
6. Restart the instance
7. Replace dnaType with invalid value
:expectedresults:
1. Successful
2. Successful
3. Successful
4. Successful
5. Successful
6. Successful
7. Unwilling to perform exception should be raised
"""

inst = topology_st.standalone
plugin = DNAPlugin(inst)

log.info("Creating an entry...")
users = UserAccounts(inst, DEFAULT_SUFFIX)
users.create_test_user(uid=1)

log.info("Creating \"ou=ranges\"...")
ous = OrganizationalUnits(inst, DEFAULT_SUFFIX)
ou_ranges = ous.create(properties={'ou': 'ranges'})
ou_people = ous.get("People")

log.info("Creating DNA shared config entry...")
shared_configs = DNAPluginSharedConfigs(inst, ou_ranges.dn)
shared_configs.create(properties={'dnaHostName': str(inst.host),
'dnaPortNum': str(inst.port),
> 'dnaRemainingValues': '9501'})

suites/plugins/dna_test.py:63:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:1831: in create
return co.create(properties, self._basedn)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.plugins.DNAPluginSharedConfig object at 0x7f8fc625fa58>
properties = {'dnaHostName': 'server.example.com', 'dnaPortNum': '38901', 'dnaRemainingValues': '9501'}
basedn = 'ou=ranges,dc=example,dc=com', ensure = False

def create(self, properties=None, basedn=None, ensure=False):
"""The shared config DNA plugin entry has two RDN values
The function takes care about that special case
"""

for attr in self._must_attributes:
if properties.get(attr, None) is None:
> raise ldap.UNWILLING_TO_PERFORM('Attribute %s must not be None' % attr)
E ldap.UNWILLING_TO_PERFORM: Attribute dnaHostname must not be None

/usr/local/lib/python3.7/site-packages/lib389/plugins.py:1756: UNWILLING_TO_PERFORM
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/plugins/rootdn_plugin_test.py::test_rootdn_access_day_of_week 0.04
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_day_of_week(topology_st, rootdn_setup):
"""Test the days of week feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e1
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set the deny days
2. Bind as Root DN
3. Set the allow days
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_day_of_week...')

days = ('Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat')
day = int(time.strftime("%w", time.gmtime()))

if day == 6:
# Handle the roll over from Saturday into Sunday
deny_days = days[1] + ', ' + days[2]
allow_days = days[6] + ',' + days[0]
elif day > 3:
deny_days = days[0] + ', ' + days[1]
allow_days = days[day] + ',' + days[day - 1]
else:
deny_days = days[4] + ',' + days[5]
allow_days = days[day] + ',' + days[day + 1]

log.info('Today: ' + days[day])
log.info('Allowed days: ' + allow_days)
log.info('Deny days: ' + deny_days)

#
# Set the deny days
#
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-days-allowed',
ensure_bytes(deny_days))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: Failed to set the deny days: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_day_of_week: Root DN was incorrectly able to bind')
assert False

#
# Set the allow days
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: : failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-days-allowed',
ensure_bytes(allow_days))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: Failed to set the deny days: error {}'
.format(e))
assert False

try:
> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/plugins/rootdn_plugin_test.py:263:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=Directory Manager', 'password'), kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x557b05d62e08, file '/usr/local/lib/python3.7/site-packages/lib389/__init__.py', line 197,...68, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x557b04f23408, file '/export/tests/suites/plugins/rootdn_plugin_test.py', line 267, code te..._rootdn_access_day_of_week', code_context=[' topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, who = 'cn=Directory Manager'
cred = 'password', serverctrls = None, clientctrls = None

def simple_bind_s(self,who=None,cred=None,serverctrls=None,clientctrls=None):
"""
simple_bind_s([who='' [,cred='']]) -> 4-tuple
"""
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (18,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 18, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
> resp_ctrl_classes=resp_ctrl_classes
)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (18, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 18, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f8fc616ce40>, 18, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc616ce40>
args = (18, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'})
exc_traceback = <traceback object at 0x7f8fc68f8ac8>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc616ce40>
args = (18, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_day_of_week(topology_st, rootdn_setup):
"""Test the days of week feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e1
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set the deny days
2. Bind as Root DN
3. Set the allow days
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_day_of_week...')

days = ('Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat')
day = int(time.strftime("%w", time.gmtime()))

if day == 6:
# Handle the roll over from Saturday into Sunday
deny_days = days[1] + ', ' + days[2]
allow_days = days[6] + ',' + days[0]
elif day > 3:
deny_days = days[0] + ', ' + days[1]
allow_days = days[day] + ',' + days[day - 1]
else:
deny_days = days[4] + ',' + days[5]
allow_days = days[day] + ',' + days[day + 1]

log.info('Today: ' + days[day])
log.info('Allowed days: ' + allow_days)
log.info('Deny days: ' + deny_days)

#
# Set the deny days
#
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-days-allowed',
ensure_bytes(deny_days))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: Failed to set the deny days: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_day_of_week: Root DN was incorrectly able to bind')
assert False

#
# Set the allow days
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: : failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-days-allowed',
ensure_bytes(allow_days))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: Failed to set the deny days: error {}'
.format(e))
assert False

try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_day_of_week: Root DN bind failed unexpectedly failed: error {}'
.format(e))
> assert False
E assert False

suites/plugins/rootdn_plugin_test.py:267: AssertionError
------------------------------ Captured log call -------------------------------
rootdn_plugin_test.py 201 INFO Running test_rootdn_access_day_of_week... rootdn_plugin_test.py 217 INFO Today: Sun rootdn_plugin_test.py 218 INFO Allowed days: Sun,Mon rootdn_plugin_test.py 219 INFO Deny days: Thu,Fri rootdn_plugin_test.py 266 CRITICAL test_rootdn_access_day_of_week: Root DN bind failed unexpectedly failed: error {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}
Failed suites/plugins/rootdn_plugin_test.py::test_rootdn_access_denied_ip 2.10
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_denied_ip(topology_st, rootdn_setup):
"""Test denied IP feature - we can just test denying 127.0.0.1

:id: a0ef30e5-538b-46fa-9762-01a4435a15e2
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set rootdn-deny-ip to '127.0.0.1' and '::1'
2. Bind as Root DN
3. Change the denied IP so root DN succeeds
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_denied_ip...')
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE,
'rootdn-deny-ip',
b'127.0.0.1'),
(ldap.MOD_ADD,
'rootdn-deny-ip',
b'::1')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
conn = ldap.initialize('ldap://{}:{}'.format(LOCALHOST_IP, topology_st.standalone.port))
topology_st.standalone.restart()
conn.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False
if succeeded:
log.fatal('test_rootdn_access_denied_ip: Root DN was incorrectly able to bind')
assert False

#
# Change the denied IP so root DN succeeds
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-deny-ip', b'255.255.255.255')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

try:
> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/plugins/rootdn_plugin_test.py:352:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=Directory Manager', 'password'), kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x557b05d47728, file '/usr/local/lib/python3.7/site-packages/lib389/__init__.py', line 197,...68, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x557b04cb69e8, file '/export/tests/suites/plugins/rootdn_plugin_test.py', line 356, code te...st_rootdn_access_denied_ip', code_context=[' topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, who = 'cn=Directory Manager'
cred = 'password', serverctrls = None, clientctrls = None

def simple_bind_s(self,who=None,cred=None,serverctrls=None,clientctrls=None):
"""
simple_bind_s([who='' [,cred='']]) -> 4-tuple
"""
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (4,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 4, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
> resp_ctrl_classes=resp_ctrl_classes
)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (4, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 4, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f8fc6854bc0>, 4, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (4, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'})
exc_traceback = <traceback object at 0x7f8fc6f25f88>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (4, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_denied_ip(topology_st, rootdn_setup):
"""Test denied IP feature - we can just test denying 127.0.0.1

:id: a0ef30e5-538b-46fa-9762-01a4435a15e2
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set rootdn-deny-ip to '127.0.0.1' and '::1'
2. Bind as Root DN
3. Change the denied IP so root DN succeeds
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_denied_ip...')
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE,
'rootdn-deny-ip',
b'127.0.0.1'),
(ldap.MOD_ADD,
'rootdn-deny-ip',
b'::1')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
conn = ldap.initialize('ldap://{}:{}'.format(LOCALHOST_IP, topology_st.standalone.port))
topology_st.standalone.restart()
conn.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False
if succeeded:
log.fatal('test_rootdn_access_denied_ip: Root DN was incorrectly able to bind')
assert False

#
# Change the denied IP so root DN succeeds
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-deny-ip', b'255.255.255.255')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_ip: Root DN bind failed unexpectedly failed: error {}'
.format(e))
> assert False
E assert False

suites/plugins/rootdn_plugin_test.py:356: AssertionError
------------------------------ Captured log call -------------------------------
rootdn_plugin_test.py 308 INFO Running test_rootdn_access_denied_ip... rootdn_plugin_test.py 355 CRITICAL test_rootdn_access_denied_ip: Root DN bind failed unexpectedly failed: error {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}
Failed suites/plugins/rootdn_plugin_test.py::test_rootdn_access_denied_host 0.04
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_denied_host(topology_st, rootdn_setup):
"""Test denied Host feature - we can just test denying localhost

:id: a0ef30e5-538b-46fa-9762-01a4435a15e3
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set rootdn-deny-host to hostname (localhost if not accessable)
2. Bind as Root DN
3. Change the denied host so root DN succeeds
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_denied_host...')
hostname = socket.gethostname()
localhost = DirSrvTools.getLocalhost()
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-deny-host',
ensure_bytes(hostname))])
if localhost != hostname:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-deny-host',
ensure_bytes(localhost))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: Failed to set deny host: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_denied_host: Root DN was incorrectly able to bind')
assert False

#
# Change the denied host so root DN succeeds
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: : failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-deny-host', b'i.dont.exist.com')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

try:
> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/plugins/rootdn_plugin_test.py:443:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=Directory Manager', 'password'), kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x557b05d50588, file '/usr/local/lib/python3.7/site-packages/lib389/__init__.py', line 197,...68, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x557b05bdc1d8, file '/export/tests/suites/plugins/rootdn_plugin_test.py', line 447, code te..._rootdn_access_denied_host', code_context=[' topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, who = 'cn=Directory Manager'
cred = 'password', serverctrls = None, clientctrls = None

def simple_bind_s(self,who=None,cred=None,serverctrls=None,clientctrls=None):
"""
simple_bind_s([who='' [,cred='']]) -> 4-tuple
"""
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 10, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
> resp_ctrl_classes=resp_ctrl_classes
)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 10, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f8fc6854bc0>, 10, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'})
exc_traceback = <traceback object at 0x7f8fc6b728c8>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6854bc0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_denied_host(topology_st, rootdn_setup):
"""Test denied Host feature - we can just test denying localhost

:id: a0ef30e5-538b-46fa-9762-01a4435a15e3
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set rootdn-deny-host to hostname (localhost if not accessable)
2. Bind as Root DN
3. Change the denied host so root DN succeeds
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_denied_host...')
hostname = socket.gethostname()
localhost = DirSrvTools.getLocalhost()
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-deny-host',
ensure_bytes(hostname))])
if localhost != hostname:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-deny-host',
ensure_bytes(localhost))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: Failed to set deny host: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_denied_host: Root DN was incorrectly able to bind')
assert False

#
# Change the denied host so root DN succeeds
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: : failed to bind as user1')
assert False

try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-deny-host', b'i.dont.exist.com')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: Failed to set rootDN plugin config: error {}'
.format(e))
assert False

try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_denied_host: Root DN bind failed unexpectedly failed: error {}'
.format(e))
> assert False
E assert False

suites/plugins/rootdn_plugin_test.py:447: AssertionError
------------------------------ Captured log call -------------------------------
rootdn_plugin_test.py 397 INFO Running test_rootdn_access_denied_host... rootdn_plugin_test.py 446 CRITICAL test_rootdn_access_denied_host: Root DN bind failed unexpectedly failed: error {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}
Failed suites/plugins/rootdn_plugin_test.py::test_rootdn_access_allowed_ip 2.06
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_allowed_ip(topology_st, rootdn_setup):
"""Test allowed ip feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e4
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set allowed ip to 255.255.255.255 - blocks the Root DN
2. Bind as Root DN
3. Allow localhost
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_allowed_ip...')

#
# Set allowed ip to 255.255.255.255 - blocks the Root DN
#
try:
conn = ldap.initialize('ldap://{}:{}'.format(LOCALHOST_IP, topology_st.standalone.port))
> topology_st.standalone.restart()

suites/plugins/rootdn_plugin_test.py:495:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, timeout = 120, post_open = True

def restart(self, timeout=120, post_open=True):
'''
It restarts an instance and rebind it. Its final state after rebind
(open) is DIRSRV_STATE_ONLINE.

@param self
@param timeout (in sec) to wait for successful stop

@return None

@raise ValueError
'''
self.stop(timeout)
time.sleep(1)
> self.start(timeout, post_open)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, timeout = 120, post_open = True

def start(self, timeout=120, post_open=True):
'''
It starts an instance and rebind it. Its final state after rebind
(open) is DIRSRV_STATE_ONLINE

@param self
@param timeout (in sec) to wait for successful start

@return None

@raise ValueError
'''

if self.status() is True:
return

if self.with_systemd() and not self.containerised:
# Do systemd things here ...
subprocess.check_call(["systemctl",
"start",
"dirsrv@%s" % self.serverid])
else:
# Start the process.
# Wait for it to terminate
# This means the server is probably ready to go ....
env = {}
if self.has_asan():
self.log.warning("WARNING: Starting instance with ASAN options. This is probably not what you want. Please contact support.")
self.log.info("INFO: ASAN options will be copied from your environment")
env['ASAN_SYMBOLIZER_PATH'] = "/usr/bin/llvm-symbolizer"
env['ASAN_OPTIONS'] = "symbolize=1 detect_deadlocks=1 log_path=%s/ns-slapd-%s.asan" % (self.ds_paths.run_dir, self.serverid)
env.update(os.environ)
output = None
try:
cmd = ["%s/ns-slapd" % self.get_sbin_dir(),
"-D",
self.ds_paths.config_dir,
"-i",
self.ds_paths.pid_file],
self.log.debug("DEBUG: starting with %s" % cmd)
output = subprocess.check_output(*cmd, env=env, stderr=subprocess.STDOUT)
except subprocess.CalledProcessError:
self.log.error('Failed to start ns-slapd: "%s"' % output)
raise ValueError('Failed to start DS')
count = timeout
pid = pid_from_file(self.ds_paths.pid_file)
while (pid is None) and count > 0:
count -= 1
time.sleep(1)
pid = pid_from_file(self.ds_paths.pid_file)
if pid == 0 or pid is None:
raise ValueError('Failed to start DS')
# Wait
while not pid_exists(pid) and count > 0:
# It looks like DS changes the value in here at some point ...
# It's probably a DS bug, but if we "keep checking" the file, eventually
# we get the main server pid, and it's ready to go.
pid = pid_from_file(self.ds_paths.pid_file)
time.sleep(1)
count -= 1
if not pid_exists(pid):
raise ValueError("Failed to start DS")
if post_open:
> self.open()

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1176:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
uri = 'ldap://server.example.com:38901', saslmethod = None, sasltoken = None
certdir = '/etc/dirsrv/slapd-standalone1', starttls = False, connOnly = False
reqcert = 1, usercert = None, userkey = None

def open(self, uri=None, saslmethod=None, sasltoken=None, certdir=None, starttls=False, connOnly=False, reqcert=ldap.OPT_X_TLS_HARD,
usercert=None, userkey=None):
'''
It opens a ldap bound connection to dirsrv so that online
administrative tasks are possible. It binds with the binddn
property, then it initializes various fields from DirSrv
(via __initPart2)

The state changes -> DIRSRV_STATE_ONLINE

@param self
@param saslmethod - None, or GSSAPI
@param sasltoken - The ldap.sasl token type to bind with.
@param certdir - Certificate directory for TLS
@return None

@raise LDAPError
'''

# Force our state offline to prevent paths from trying to search
# cn=config while we startup.
self.state = DIRSRV_STATE_OFFLINE

if not uri:
uri = self.toLDAPURL()

self.log.debug('open(): Connecting to uri %s', uri)
if hasattr(ldap, 'PYLDAP_VERSION') and MAJOR >= 3:
super(DirSrv, self).__init__(uri, bytes_mode=False, trace_level=TRACE_LEVEL)
else:
super(DirSrv, self).__init__(uri, trace_level=TRACE_LEVEL)

if certdir is None and self.isLocal:
certdir = self.get_cert_dir()
self.log.debug("Using dirsrv ca certificate %s", certdir)

if certdir is not None:
"""
We have a certificate directory, so lets start up TLS negotiations
"""
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts AT ALL.
self.set_option(ldap.OPT_X_TLS_CACERTDIR, ensure_str(certdir))
self.log.debug("Using external ca certificate %s", certdir)

if userkey is not None:
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts AT ALL.
self.log.debug("Using user private key %s", userkey)
self.set_option(ldap.OPT_X_TLS_KEYFILE, ensure_str(userkey))

if usercert is not None:
self.log.debug("Using user certificate %s", usercert)
self.set_option(ldap.OPT_X_TLS_CERTFILE, ensure_str(usercert))

if certdir is not None:
self.log.debug("Using external ca certificate %s", certdir)
self.set_option(ldap.OPT_X_TLS_CACERTDIR, ensure_str(certdir))

if certdir or starttls:
try:
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts on reused (ie restart)
self.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, reqcert)
self.log.debug("Using certificate policy %s", reqcert)
self.log.debug("ldap.OPT_X_TLS_REQUIRE_CERT = %s", reqcert)
except ldap.LDAPError as e:
self.log.fatal('TLS negotiation failed: %s', e)
raise e

# Tell python ldap to make a new TLS context with this information.
self.set_option(ldap.OPT_X_TLS_NEWCTX, 0)

if starttls and not uri.startswith('ldaps'):
self.start_tls_s(escapehatch='i am sure')

if saslmethod and sasltoken is not None:
# Just pass the sasltoken in!
self.sasl_interactive_bind_s("", sasltoken, escapehatch='i am sure')
elif saslmethod and saslmethod.lower() == 'gssapi':
"""
Perform kerberos/gssapi authentication
"""
sasl_auth = ldap.sasl.gssapi("")
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')

elif saslmethod == 'EXTERNAL':
# Do nothing.
sasl_auth = ldap.sasl.external()
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')
elif saslmethod:
# Unknown or unsupported method
self.log.debug('Unsupported SASL method: %s', saslmethod)
raise ldap.UNWILLING_TO_PERFORM

elif self.can_autobind():
# Connect via ldapi, and autobind.
# do nothing: the bind is complete.
self.log.debug("open(): Using root autobind ...")
sasl_auth = ldap.sasl.external()
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')

else:
"""
Do a simple bind
"""
try:
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
except ldap.SERVER_DOWN as e:
# TODO add server info in exception
self.log.debug("Cannot connect to %r", uri)
raise e
except ldap.LDAPError as e:
self.log.debug("Error: Failed to authenticate as %s: %s" % (self.binddn, e))
> raise e

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1084:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
uri = 'ldap://server.example.com:38901', saslmethod = None, sasltoken = None
certdir = '/etc/dirsrv/slapd-standalone1', starttls = False, connOnly = False
reqcert = 1, usercert = None, userkey = None

def open(self, uri=None, saslmethod=None, sasltoken=None, certdir=None, starttls=False, connOnly=False, reqcert=ldap.OPT_X_TLS_HARD,
usercert=None, userkey=None):
'''
It opens a ldap bound connection to dirsrv so that online
administrative tasks are possible. It binds with the binddn
property, then it initializes various fields from DirSrv
(via __initPart2)

The state changes -> DIRSRV_STATE_ONLINE

@param self
@param saslmethod - None, or GSSAPI
@param sasltoken - The ldap.sasl token type to bind with.
@param certdir - Certificate directory for TLS
@return None

@raise LDAPError
'''

# Force our state offline to prevent paths from trying to search
# cn=config while we startup.
self.state = DIRSRV_STATE_OFFLINE

if not uri:
uri = self.toLDAPURL()

self.log.debug('open(): Connecting to uri %s', uri)
if hasattr(ldap, 'PYLDAP_VERSION') and MAJOR >= 3:
super(DirSrv, self).__init__(uri, bytes_mode=False, trace_level=TRACE_LEVEL)
else:
super(DirSrv, self).__init__(uri, trace_level=TRACE_LEVEL)

if certdir is None and self.isLocal:
certdir = self.get_cert_dir()
self.log.debug("Using dirsrv ca certificate %s", certdir)

if certdir is not None:
"""
We have a certificate directory, so lets start up TLS negotiations
"""
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts AT ALL.
self.set_option(ldap.OPT_X_TLS_CACERTDIR, ensure_str(certdir))
self.log.debug("Using external ca certificate %s", certdir)

if userkey is not None:
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts AT ALL.
self.log.debug("Using user private key %s", userkey)
self.set_option(ldap.OPT_X_TLS_KEYFILE, ensure_str(userkey))

if usercert is not None:
self.log.debug("Using user certificate %s", usercert)
self.set_option(ldap.OPT_X_TLS_CERTFILE, ensure_str(usercert))

if certdir is not None:
self.log.debug("Using external ca certificate %s", certdir)
self.set_option(ldap.OPT_X_TLS_CACERTDIR, ensure_str(certdir))

if certdir or starttls:
try:
# Note this sets LDAP.OPT not SELF. Because once self has opened
# it can NOT change opts on reused (ie restart)
self.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, reqcert)
self.log.debug("Using certificate policy %s", reqcert)
self.log.debug("ldap.OPT_X_TLS_REQUIRE_CERT = %s", reqcert)
except ldap.LDAPError as e:
self.log.fatal('TLS negotiation failed: %s', e)
raise e

# Tell python ldap to make a new TLS context with this information.
self.set_option(ldap.OPT_X_TLS_NEWCTX, 0)

if starttls and not uri.startswith('ldaps'):
self.start_tls_s(escapehatch='i am sure')

if saslmethod and sasltoken is not None:
# Just pass the sasltoken in!
self.sasl_interactive_bind_s("", sasltoken, escapehatch='i am sure')
elif saslmethod and saslmethod.lower() == 'gssapi':
"""
Perform kerberos/gssapi authentication
"""
sasl_auth = ldap.sasl.gssapi("")
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')

elif saslmethod == 'EXTERNAL':
# Do nothing.
sasl_auth = ldap.sasl.external()
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')
elif saslmethod:
# Unknown or unsupported method
self.log.debug('Unsupported SASL method: %s', saslmethod)
raise ldap.UNWILLING_TO_PERFORM

elif self.can_autobind():
# Connect via ldapi, and autobind.
# do nothing: the bind is complete.
self.log.debug("open(): Using root autobind ...")
sasl_auth = ldap.sasl.external()
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')

else:
"""
Do a simple bind
"""
try:
> self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1077:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=Directory Manager', 'password'), kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, who = 'cn=Directory Manager'
cred = 'password', serverctrls = None, clientctrls = None

def simple_bind_s(self,who=None,cred=None,serverctrls=None,clientctrls=None):
"""
simple_bind_s([who='' [,cred='']]) -> 4-tuple
"""
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (1,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 1, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
> resp_ctrl_classes=resp_ctrl_classes
)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (1, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 1, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f8fc6777210>, 1, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6777210>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'})
exc_traceback = <traceback object at 0x7f8fc6a3cdc8>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6777210>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_allowed_ip(topology_st, rootdn_setup):
"""Test allowed ip feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e4
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set allowed ip to 255.255.255.255 - blocks the Root DN
2. Bind as Root DN
3. Allow localhost
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_allowed_ip...')

#
# Set allowed ip to 255.255.255.255 - blocks the Root DN
#
try:
conn = ldap.initialize('ldap://{}:{}'.format(LOCALHOST_IP, topology_st.standalone.port))
topology_st.standalone.restart()
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-allow-ip', b'255.255.255.255')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_ip: Failed to set allowed host: error {}'
.format(e))
> assert False
E assert False

suites/plugins/rootdn_plugin_test.py:500: AssertionError
------------------------------ Captured log call -------------------------------
rootdn_plugin_test.py 488 INFO Running test_rootdn_access_allowed_ip... rootdn_plugin_test.py 499 CRITICAL test_rootdn_access_allowed_ip: Failed to set allowed host: error {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}
Failed suites/plugins/rootdn_plugin_test.py::test_rootdn_access_allowed_host 0.05
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_allowed_host(topology_st, rootdn_setup):
"""Test allowed host feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e5
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set allowed host to an unknown host - blocks the Root DN
2. Bind as Root DN
3. Allow localhost
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_allowed_host...')

#
# Set allowed host to an unknown host - blocks the Root DN
#
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-allow-host', b'i.dont.exist.com')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: Failed to set allowed host: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_allowed_host: Root DN was incorrectly able to bind')
assert False

#
# Allow localhost
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: : failed to bind as user1')
assert False

hostname = socket.gethostname()
localhost = DirSrvTools.getLocalhost()
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_DELETE,
'rootdn-allow-host',
None)])
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-allow-host',
ensure_bytes(localhost))])
if hostname != localhost:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-allow-host',
ensure_bytes(hostname))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: Failed to set allowed host: error {}'
.format(e))
assert False

try:
> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

suites/plugins/rootdn_plugin_test.py:633:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=Directory Manager', 'password'), kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x557b05bdba38, file '/usr/local/lib/python3.7/site-packages/lib389/__init__.py', line 197,...68, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x557b05cb1e68, file '/export/tests/suites/plugins/rootdn_plugin_test.py', line 637, code te...rootdn_access_allowed_host', code_context=[' topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, who = 'cn=Directory Manager'
cred = 'password', serverctrls = None, clientctrls = None

def simple_bind_s(self,who=None,cred=None,serverctrls=None,clientctrls=None):
"""
simple_bind_s([who='' [,cred='']]) -> 4-tuple
"""
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 8, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
> resp_ctrl_classes=resp_ctrl_classes
)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>, msgid = 8, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f8fc6777210>, 8, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6777210>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'})
exc_traceback = <traceback object at 0x7f8fc6780508>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc680dda0>
func = <built-in method result4 of LDAP object at 0x7f8fc6777210>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc683fe48>
rootdn_setup = None

def test_rootdn_access_allowed_host(topology_st, rootdn_setup):
"""Test allowed host feature

:id: a0ef30e5-538b-46fa-9762-01a4435a15e5
:setup: Standalone instance, rootdn plugin set up
:steps:
1. Set allowed host to an unknown host - blocks the Root DN
2. Bind as Root DN
3. Allow localhost
4. Bind as Root DN
5. Cleanup - undo the changes we made so the next test has a clean slate
:expectedresults:
1. Success
2. Should fail
3. Success
4. Success
5. Success
"""

log.info('Running test_rootdn_access_allowed_host...')

#
# Set allowed host to an unknown host - blocks the Root DN
#
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'rootdn-allow-host', b'i.dont.exist.com')])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: Failed to set allowed host: error {}'
.format(e))
assert False

#
# Bind as Root DN - should fail
#
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
succeeded = True
except ldap.LDAPError as e:
succeeded = False

if succeeded:
log.fatal('test_rootdn_access_allowed_host: Root DN was incorrectly able to bind')
assert False

#
# Allow localhost
#
try:
topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: : failed to bind as user1')
assert False

hostname = socket.gethostname()
localhost = DirSrvTools.getLocalhost()
try:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_DELETE,
'rootdn-allow-host',
None)])
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-allow-host',
ensure_bytes(localhost))])
if hostname != localhost:
topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD,
'rootdn-allow-host',
ensure_bytes(hostname))])
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: Failed to set allowed host: error {}'
.format(e))
assert False

try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
except ldap.LDAPError as e:
log.fatal('test_rootdn_access_allowed_host: Root DN bind failed unexpectedly failed: error {}'
.format(e))
> assert False
E assert False

suites/plugins/rootdn_plugin_test.py:637: AssertionError
------------------------------ Captured log call -------------------------------
rootdn_plugin_test.py 580 INFO Running test_rootdn_access_allowed_host... rootdn_plugin_test.py 636 CRITICAL test_rootdn_access_allowed_host: Root DN bind failed unexpectedly failed: error {'desc': 'Server is unwilling to perform', 'info': 'RootDN access control violation'}
Failed suites/replication/cleanallruv_test.py::test_clean_restart 7.88
topology_m4 = <lib389.topologies.TopologyMain object at 0x7f8fc656c2e8>
m4rid = '4'

def test_clean_restart(topology_m4, m4rid):
"""Check that cleanallruv task works properly after a restart

:id: c6233bb3-092c-4919-9ac9-80dd02cc6e02
:setup: Replication setup with four masters
:steps:
1. Disable replication on master 4
2. Remove agreements to master 4 from other masters
3. Stop master 3
4. Run a cleanallruv task on master 1
5. Stop master 1
6. Start master 3
7. Make sure that no crash happened
8. Start master 1
9. Make sure that no crash happened
10. Check that everything was cleaned
:expectedresults:
1. Operation should be successful
2. Agreements to master 4 should be removed
3. Master 3 should be stopped
4. Cleanallruv task should be successfully executed
5. Master 1 should be stopped
6. Master 3 should be started
7. No crash should happened
8. Master 1 should be started
9. No crash should happened
10. Everything should be cleaned
"""
log.info('Running test_clean_restart...')

# Disable master 4
log.info('test_clean: disable master 4...')
# Remove the agreements from the other masters that point to master 4
remove_master4_agmts("test_clean", topology_m4)

# Stop master 3 to keep the task running, so we can stop master 1...
topology_m4.ms["master3"].stop()

# Run the task
log.info('test_clean: run the cleanAllRUV task...')
cruv_task = CleanAllRUVTask(topology_m4.ms["master1"])
cruv_task.create(properties={
'replica-id': m4rid,
'replica-base-dn': DEFAULT_SUFFIX,
'replica-force-cleaning': 'no',
'replica-certify-all': 'yes'
})

# Sleep a bit, then stop master 1
time.sleep(5)
topology_m4.ms["master1"].stop()

# Now start master 3 & 1, and make sure we didn't crash
topology_m4.ms["master3"].start()
if topology_m4.ms["master3"].detectDisorderlyShutdown():
log.fatal('test_clean_restart: Master 3 previously crashed!')
> assert False
E assert False

suites/replication/cleanallruv_test.py:276: AssertionError
------------------------------ Captured log setup ------------------------------
cleanallruv_test.py 145 DEBUG Wait a bit before the reset - it is required fot the slow machines cleanallruv_test.py 147 DEBUG -------------- BEGIN RESET of m4 ----------------- replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39003 is working cleanallruv_test.py 173 DEBUG -------------- FINISH RESET of m4 ----------------------------------------------- Captured log call -------------------------------
cleanallruv_test.py 248 INFO Running test_clean_restart... cleanallruv_test.py 251 INFO test_clean: disable master 4... cleanallruv_test.py 68 INFO test_clean: remove all the agreements to master 4... cleanallruv_test.py 259 INFO test_clean: run the cleanAllRUV task... cleanallruv_test.py 275 CRITICAL test_clean_restart: Master 3 previously crashed!
Failed suites/replication/cleanallruv_test.py::test_abort_restart 6.92
topology_m4 = <lib389.topologies.TopologyMain object at 0x7f8fc656c2e8>
m4rid = '4'

def test_abort_restart(topology_m4, m4rid):
"""Test the abort task can handle a restart, and then resume

:id: b66e33d4-fe85-4e1c-b882-75da80f70ab3
:setup: Replication setup with four masters
:steps:
1. Disable replication on master 4
2. Remove agreements to master 4 from other masters
3. Stop master 3
4. Run a cleanallruv task on master 1
5. Run a cleanallruv abort task on master 1
6. Restart master 1
7. Make sure that no crash happened
8. Start master 3
9. Check master 1 does not have the clean task running
10. Check that errors log doesn't have 'Aborting abort task' message
:expectedresults:
1. Replication on master 4 should be disabled
2. Agreements to master 4 should be removed
3. Master 3 should be stopped
4. Operation should be successful
5. Operation should be successful
6. Master 1 should be restarted
7. No crash should happened
8. Master 3 should be started
9. Check master 1 shouldn't have the clean task running
10. Errors log shouldn't have 'Aborting abort task' message
"""

log.info('Running test_abort_restart...')
# Remove the agreements from the other masters that point to master 4
remove_master4_agmts("test_abort", topology_m4)

# Stop master 3
log.info('test_abort_restart: stop master 3 to freeze the cleanAllRUV task...')
topology_m4.ms["master3"].stop()

# Run the task
log.info('test_abort_restart: add the cleanAllRUV task...')
cruv_task = CleanAllRUVTask(topology_m4.ms["master1"])
cruv_task.create(properties={
'replica-id': m4rid,
'replica-base-dn': DEFAULT_SUFFIX,
'replica-force-cleaning': 'no',
'replica-certify-all': 'yes'
})
# Wait a bit
time.sleep(2)

# Abort the task
cruv_task.abort(certify=True)

# Check master 1 does not have the clean task running
log.info('test_abort_abort: check master 1 no longer has a cleanAllRUV task...')
if not task_done(topology_m4, cruv_task.dn):
log.fatal('test_abort_restart: CleanAllRUV task was not aborted')
assert False

# Now restart master 1, and make sure the abort process completes
topology_m4.ms["master1"].restart()
if topology_m4.ms["master1"].detectDisorderlyShutdown():
log.fatal('test_abort_restart: Master 1 previously crashed!')
> assert False
E assert False

suites/replication/cleanallruv_test.py:466: AssertionError
------------------------------ Captured log setup ------------------------------
cleanallruv_test.py 145 DEBUG Wait a bit before the reset - it is required fot the slow machines cleanallruv_test.py 147 DEBUG -------------- BEGIN RESET of m4 ----------------- replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39003 is working cleanallruv_test.py 173 DEBUG -------------- FINISH RESET of m4 ----------------------------------------------- Captured log call -------------------------------
cleanallruv_test.py 433 INFO Running test_abort_restart... cleanallruv_test.py 68 INFO test_abort: remove all the agreements to master 4... cleanallruv_test.py 438 INFO test_abort_restart: stop master 3 to freeze the cleanAllRUV task... cleanallruv_test.py 442 INFO test_abort_restart: add the cleanAllRUV task... cleanallruv_test.py 457 INFO test_abort_abort: check master 1 no longer has a cleanAllRUV task... cleanallruv_test.py 465 CRITICAL test_abort_restart: Master 1 previously crashed!
Failed suites/replication/cleanallruv_test.py::test_abort_certify 2.81
topology_m4 = <lib389.topologies.TopologyMain object at 0x7f8fc656c2e8>
m4rid = '4'

def test_abort_certify(topology_m4, m4rid):
"""Test the abort task with a replica-certify-all option

:id: 78959966-d644-44a8-b98c-1fcf21b45eb0
:setup: Replication setup with four masters
:steps:
1. Disable replication on master 4
2. Remove agreements to master 4 from other masters
3. Stop master 2
4. Run a cleanallruv task on master 1
5. Run a cleanallruv abort task on master 1 with a replica-certify-all option
:expectedresults: No hanging tasks left
1. Replication on master 4 should be disabled
2. Agreements to master 4 should be removed
3. Master 2 should be stopped
4. Operation should be successful
5. Operation should be successful
"""

log.info('Running test_abort_certify...')

# Remove the agreements from the other masters that point to master 4
remove_master4_agmts("test_abort_certify", topology_m4)

# Stop master 2
log.info('test_abort_certify: stop master 2 to freeze the cleanAllRUV task...')
topology_m4.ms["master2"].stop()

# Run the task
log.info('test_abort_certify: add the cleanAllRUV task...')
cruv_task = CleanAllRUVTask(topology_m4.ms["master1"])
cruv_task.create(properties={
'replica-id': m4rid,
'replica-base-dn': DEFAULT_SUFFIX,
'replica-force-cleaning': 'no',
'replica-certify-all': 'yes'
})
# Wait a bit
time.sleep(2)

# Abort the task
log.info('test_abort_certify: abort the cleanAllRUV task...')
abort_task = cruv_task.abort(certify=True)

# Wait a while and make sure the abort task is still running
log.info('test_abort_certify...')

if task_done(topology_m4, abort_task.dn, 10):
log.fatal('test_abort_certify: abort task incorrectly finished')
> assert False
E assert False

suites/replication/cleanallruv_test.py:528: AssertionError
------------------------------ Captured log setup ------------------------------
cleanallruv_test.py 145 DEBUG Wait a bit before the reset - it is required fot the slow machines cleanallruv_test.py 147 DEBUG -------------- BEGIN RESET of m4 ----------------- replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39004 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39001 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39004 to ldap://server.example.com:39003 is working cleanallruv_test.py 173 DEBUG -------------- FINISH RESET of m4 ----------------------------------------------- Captured log call -------------------------------
cleanallruv_test.py 498 INFO Running test_abort_certify... cleanallruv_test.py 68 INFO test_abort_certify: remove all the agreements to master 4... cleanallruv_test.py 504 INFO test_abort_certify: stop master 2 to freeze the cleanAllRUV task... cleanallruv_test.py 508 INFO test_abort_certify: add the cleanAllRUV task... cleanallruv_test.py 520 INFO test_abort_certify: abort the cleanAllRUV task... cleanallruv_test.py 524 INFO test_abort_certify... cleanallruv_test.py 527 CRITICAL test_abort_certify: abort task incorrectly finished
Failed suites/sasl/plain_test.py::test_basic_feature 5.32
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc5f099b0>

def test_basic_feature(topology_st):
"""Check basic SASL functionality for PLAIN mechanism

:id: 75ddc6fa-aa5a-4025-9c71-1abad20c91fc
:setup: Standalone instance
:steps:
1. Stop the instance
2. Clean up confdir from previous cert and key files
3. Create RSA files: CA, key and cert
4. Start the instance
5. Create RSA entry
6. Set nsslapd-secureport to 636 and nsslapd-security to 'on'
7. Restart the instance
8. Create a user
9. Check we can bind
10. Check that PLAIN is listed in supported mechs
11. Set up Plain SASL credentials
12. Try to open a connection without TLS
13. Try to open a connection with TLS
14. Try to open a connection with a wrong password
:expectedresults:
1. The instance should stop
2. Confdir should be clean
3. RSA files should be created
4. The instance should start
5. RSA entry should be created
6. nsslapd-secureport and nsslapd-security should be set successfully
7. The instance should be restarted
8. User should be created
9. Bind should be successful
10. PLAIN should be listed in supported mechs
11. Plain SASL should be successfully set
12. AUTH_UNKNOWN exception should be raised
13. The connection should open
14. INVALID_CREDENTIALS exception should be raised
"""

standalone = topology_st.standalone
> standalone.enable_tls()

suites/sasl/plain_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed suites/sasl/regression_test.py::test_openldap_no_nss_crypto 14.66
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc6115d68>

def test_openldap_no_nss_crypto(topology_m2):
"""Check that we allow usage of OpenLDAP libraries
that don't use NSS for crypto

:id: 0a622f3d-8ba5-4df2-a1de-1fb2237da40a
:setup: Replication with two masters:
master_1 ----- startTLS -----> master_2;
master_1 <-- TLS_clientAuth -- master_2;
nsslapd-extract-pemfiles set to 'on' on both masters
without specifying cert names
:steps:
1. Add 5 users to master 1 and 2
2. Check that the users were successfully replicated
3. Relocate PEM files on master 1
4. Check PEM files in master 1 config directory
5. Add 5 users more to master 1 and 2
6. Check that the users were successfully replicated
7. Export userRoot on master 1
:expectedresults:
1. Users should be successfully added
2. Users should be successfully replicated
3. Operation should be successful
4. PEM files should be found
5. Users should be successfully added
6. Users should be successfully replicated
7. Operation should be successful
"""

log.info("Ticket 47536 - Allow usage of OpenLDAP libraries that don't use NSS for crypto")

> create_keys_certs(topology_m2)

suites/sasl/regression_test.py:399:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/sasl/regression_test.py:214: in create_keys_certs
topology_m2.ms["master1"].restart()
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists----------------------------- Captured stdout call -----------------------------
Is this a CA certificate [y/N]? Enter the path length constraint, enter to skip [<0 for unlimited path]: > Is this a critical extension [y/N]? ----------------------------- Captured stderr call -----------------------------
Generating key. This may take a few moments... Job for dirsrv@master1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
regression_test.py 397 INFO Ticket 47536 - Allow usage of OpenLDAP libraries that don't use NSS for crypto regression_test.py 127 INFO ######################### Creating SSL Keys and Certs ###################### regression_test.py 130 INFO ##### Ensure that nsslapd-extract-pemfiles is 'off' on master1 regression_test.py 132 INFO ##### restart master1 regression_test.py 130 INFO ##### Ensure that nsslapd-extract-pemfiles is 'off' on master2 regression_test.py 132 INFO ##### restart master2 regression_test.py 140 INFO ##### shutdown master1 regression_test.py 143 INFO ##### Creating a password file regression_test.py 152 INFO ##### create the pin file regression_test.py 163 INFO ##### Creating a noise file regression_test.py 172 INFO ##### Create key3.db and cert8.db database (master1): ['certutil', '-N', '-d', '/etc/dirsrv/slapd-master1', '-f', '/etc/dirsrv/slapd-master1/pwdfile.txt'] regression_test.py 111 INFO OUT: regression_test.py 117 INFO ERR: regression_test.py 176 INFO ##### Creating encryption key for CA (master1): ['certutil', '-G', '-d', '/etc/dirsrv/slapd-master1', '-z', '/etc/dirsrv/slapd-master1/noise.txt', '-f', '/etc/dirsrv/slapd-master1/pwdfile.txt'] regression_test.py 111 INFO OUT: regression_test.py 117 INFO ERR: regression_test.py 182 INFO ##### Creating self-signed CA certificate (master1) -- nickname CAcertificate regression_test.py 190 INFO ##### Creating Server certificate -- nickname Server-Cert1: ['certutil', '-S', '-n', 'Server-Cert1', '-s', 'CN=server.example.com,OU=389 Directory Server', '-c', 'CAcertificate', '-t', ',,', '-m', '1001', '-v', '120', '-d', '/etc/dirsrv/slapd-master1', '-z', '/etc/dirsrv/slapd-master1/noise.txt', '-f', '/etc/dirsrv/slapd-master1/pwdfile.txt'] regression_test.py 111 INFO OUT: regression_test.py 117 INFO ERR: regression_test.py 198 INFO ##### Creating Server certificate -- nickname Server-Cert2: ['certutil', '-S', '-n', 'Server-Cert2', '-s', 'CN=server.example.com,OU=390 Directory Server', '-c', 'CAcertificate', '-t', ',,', '-m', '1002', '-v', '120', '-d', '/etc/dirsrv/slapd-master1', '-z', '/etc/dirsrv/slapd-master1/noise.txt', '-f', '/etc/dirsrv/slapd-master1/pwdfile.txt'] regression_test.py 111 INFO OUT: regression_test.py 117 INFO ERR: regression_test.py 203 INFO ##### start master1 regression_test.py 206 INFO ##### enable SSL in master1 with all ciphers regression_test.py 46 INFO ######################### Enabling SSL LDAPSPORT 41636 ###################### regression_test.py 210 INFO ##### Check the cert db: ['certutil', '-L', '-d', '/etc/dirsrv/slapd-master1'] regression_test.py 111 INFO OUT: regression_test.py 116 INFO regression_test.py 116 INFO Certificate Nickname Trust Attributes regression_test.py 116 INFO SSL,S/MIME,JAR/XPI regression_test.py 116 INFO regression_test.py 116 INFO CAcertificate CTu,u,u regression_test.py 116 INFO Server-Cert1 u,u,u regression_test.py 116 INFO Server-Cert2 u,u,u regression_test.py 117 INFO ERR: regression_test.py 213 INFO ##### restart master1
Failed suites/setup_ds/dscreate_test.py::test_setup_ds_minimal 9.74
topology = <tests.suites.setup_ds.dscreate_test.TopologyInstance object at 0x7f8fc5dfea58>

def test_setup_ds_minimal(topology):
# Create the setupDs
lc = LogCapture()
# Give it the right types.
sds = SetupDs(verbose=DEBUGGING, dryrun=False, log=lc.log)

# Get the dicts from Type2Base, as though they were from _validate_ds_2_config
# IE get the defaults back just from Slapd2Base.collect
# Override instance name, root password, port and secure port.

general_options = General2Base(lc.log)
general_options.verify()
general = general_options.collect()

slapd_options = Slapd2Base(lc.log)
slapd_options.set('instance_name', INSTANCE_SERVERID)
slapd_options.set('port', INSTANCE_PORT)
slapd_options.set('root_password', PW_DM)
slapd_options.verify()
slapd = slapd_options.collect()

> sds.create_from_args(general, slapd, {}, None)

suites/setup_ds/dscreate_test.py:100:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/instance/setup.py:654: in create_from_args
self._install_ds(general, slapd, backends)
/usr/local/lib/python3.7/site-packages/lib389/instance/setup.py:937: in _install_ds
ds_instance.restart(post_open=False)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
dscreate_test.py 38 DEBUG Instance allocated __init__.py 557 DEBUG Allocate <class 'lib389.DirSrv'> with None __init__.py 580 DEBUG Allocate <class 'lib389.DirSrv'> with server.example.com:54321 __init__.py 608 DEBUG Allocate <class 'lib389.DirSrv'> with server.example.com:54321 __init__.py 745 DEBUG list instance not found in /etc/dirsrv/slapd-standalone/dse.ldif: standalone----------------------------- Captured stderr call -----------------------------
Created symlink /etc/systemd/system/multi-user.target.wants/dirsrv@standalone.service → /usr/lib/systemd/system/dirsrv@.service. Job for dirsrv@standalone.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
setup.py 638 INFO Starting installation... __init__.py 745 DEBUG list instance not found in /etc/dirsrv/slapd-standalone/dse.ldif: standalone __init__.py 557 DEBUG Allocate <class 'lib389.DirSrv'> with None __init__.py 580 DEBUG Allocate <class 'lib389.DirSrv'> with server.example.com:54321 __init__.py 608 DEBUG Allocate <class 'lib389.DirSrv'> with server.example.com:54321 nss_ssl.py 155 DEBUG nss cmd: /usr/bin/certutil -N -d /etc/dirsrv/slapd-standalone -f /etc/dirsrv/slapd-standalone/pwdfile.txt nss_ssl.py 157 DEBUG nss output: nss_ssl.py 155 DEBUG nss cmd: /usr/bin/certutil -N -d /etc/dirsrv/ssca/ -f /etc/dirsrv/ssca//pwdfile.txt nss_ssl.py 157 DEBUG nss output: nss_ssl.py 217 DEBUG nss cmd: /usr/bin/certutil -S -n Self-Signed-CA -s CN=ssca.389ds.example.com,O=testing,L=389ds,ST=Queensland,C=AU -x -g 4096 -t CT,, -v 24 --keyUsage certSigning -d /etc/dirsrv/ssca/ -z /etc/dirsrv/ssca//noise.txt -f /etc/dirsrv/ssca//pwdfile.txt nss_ssl.py 219 DEBUG nss output: Generating key. This may take a few moments... nss_ssl.py 231 DEBUG nss cmd: /usr/bin/certutil -L -n Self-Signed-CA -d /etc/dirsrv/ssca/ -a nss_ssl.py 236 DEBUG nss cmd: /usr/bin/c_rehash /etc/dirsrv/ssca/ nss_ssl.py 520 DEBUG nss cmd: /usr/bin/certutil -R --keyUsage digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment --nsCertType sslClient,sslServer --extKeyUsage clientAuth,serverAuth -s CN=server.example.com,givenName=ab53db8c-4350-449d-ac2b-b9c8131d5180,O=testing,L=389ds,ST=Queensland,C=AU -8 server.example.com -g 4096 -d /etc/dirsrv/slapd-standalone -z /etc/dirsrv/slapd-standalone/noise.txt -f /etc/dirsrv/slapd-standalone/pwdfile.txt -a -o /etc/dirsrv/slapd-standalone/Server-Cert.csr nss_ssl.py 546 DEBUG nss cmd: /usr/bin/certutil -C -d /etc/dirsrv/ssca/ -f /etc/dirsrv/ssca//pwdfile.txt -v 24 -a -i /etc/dirsrv/slapd-standalone/Server-Cert.csr -o /etc/dirsrv/slapd-standalone/Server-Cert.crt -c Self-Signed-CA nss_ssl.py 563 DEBUG nss cmd: /usr/bin/c_rehash /etc/dirsrv/slapd-standalone nss_ssl.py 576 DEBUG nss cmd: /usr/bin/certutil -A -n Self-Signed-CA -t CT,, -a -i /etc/dirsrv/slapd-standalone/ca.crt -d /etc/dirsrv/slapd-standalone -f /etc/dirsrv/slapd-standalone/pwdfile.txt nss_ssl.py 591 DEBUG nss cmd: /usr/bin/certutil -A -n Server-Cert -t ,, -a -i /etc/dirsrv/slapd-standalone/Server-Cert.crt -d /etc/dirsrv/slapd-standalone -f /etc/dirsrv/slapd-standalone/pwdfile.txt nss_ssl.py 600 DEBUG nss cmd: /usr/bin/certutil -V -d /etc/dirsrv/slapd-standalone -n Server-Cert -u YCV utils.py 260 DEBUG port 636 already in [389, 636, 3268, 3269, 7389], skipping port relabel __init__.py 996 DEBUG open(): Connecting to uri ldap://server.example.com:54321/ __init__.py 1004 DEBUG Using dirsrv ca certificate /etc/dirsrv/slapd-standalone __init__.py 1013 DEBUG Using external ca certificate /etc/dirsrv/slapd-standalone __init__.py 1026 DEBUG Using external ca certificate /etc/dirsrv/slapd-standalone __init__.py 1034 DEBUG Using certificate policy 1 __init__.py 1035 DEBUG ldap.OPT_X_TLS_REQUIRE_CERT = 1 __init__.py 1089 DEBUG open(): bound as cn=Directory Manager __init__.py 996 DEBUG open(): Connecting to uri ldap://server.example.com:54321/ __init__.py 1004 DEBUG Using dirsrv ca certificate /etc/dirsrv/slapd-standalone __init__.py 1013 DEBUG Using external ca certificate /etc/dirsrv/slapd-standalone __init__.py 1026 DEBUG Using external ca certificate /etc/dirsrv/slapd-standalone __init__.py 1034 DEBUG Using certificate policy 1 __init__.py 1035 DEBUG ldap.OPT_X_TLS_REQUIRE_CERT = 1 __init__.py 1089 DEBUG open(): bound as cn=Directory Manager _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-secureport', '636') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-security', 'on') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-ldapifilepath', '/var/run/slapd-standalone.socket') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-ldapilisten', 'on') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-ldapiautobind', 'on') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-ldapimaprootdn', 'cn=Directory Manager') _mapped_object.py 365 DEBUG cn=config set REPLACE: ('nsslapd-rootpw', 'password')
Failed suites/setup_ds/remove_test.py::test_basic[True] 0.28
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc5ff3ef0>
simple_allocate = True

@pytest.mark.parametrize("simple_allocate", (True, False))
def test_basic(topology_st, simple_allocate):
"""Check that all DS directories and systemd items were removed"""

inst = topology_st.standalone

# FreeIPA uses local_simple_allocate for the removal process
if simple_allocate:
inst = DirSrv(verbose=inst.verbose)
inst.local_simple_allocate(topology_st.standalone.serverid)

remove_ds_instance(inst)

paths = [inst.ds_paths.backup_dir,
inst.ds_paths.cert_dir,
inst.ds_paths.config_dir,
inst.ds_paths.db_dir,
inst.get_changelog_dir(),
inst.ds_paths.ldif_dir,
inst.ds_paths.lock_dir,
inst.ds_paths.log_dir,
"{}/sysconfig/dirsrv-{}".format(inst.ds_paths.sysconf_dir, inst.serverid)]
for path in paths:
> assert not os.path.exists(path)
E AssertionError: assert not True
E + where True = <function exists at 0x7f8fda2c1510>('/etc/sysconfig/dirsrv-standalone1')
E + where <function exists at 0x7f8fda2c1510> = <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'>.exists
E + where <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'> = os.path

suites/setup_ds/remove_test.py:56: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Removed /etc/systemd/system/dirsrv.target.wants/dirsrv@standalone1.service. ------------------------------ Captured log call -------------------------------
__init__.py 476 INFO Allocate local instance <class 'lib389.DirSrv'> with None
Failed suites/setup_ds/remove_test.py::test_basic[False] 0.32
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc5f86470>
simple_allocate = False

@pytest.mark.parametrize("simple_allocate", (True, False))
def test_basic(topology_st, simple_allocate):
"""Check that all DS directories and systemd items were removed"""

inst = topology_st.standalone

# FreeIPA uses local_simple_allocate for the removal process
if simple_allocate:
inst = DirSrv(verbose=inst.verbose)
inst.local_simple_allocate(topology_st.standalone.serverid)

remove_ds_instance(inst)

paths = [inst.ds_paths.backup_dir,
inst.ds_paths.cert_dir,
inst.ds_paths.config_dir,
inst.ds_paths.db_dir,
inst.get_changelog_dir(),
inst.ds_paths.ldif_dir,
inst.ds_paths.lock_dir,
inst.ds_paths.log_dir,
"{}/sysconfig/dirsrv-{}".format(inst.ds_paths.sysconf_dir, inst.serverid)]
for path in paths:
> assert not os.path.exists(path)
E AssertionError: assert not True
E + where True = <function exists at 0x7f8fda2c1510>('/etc/sysconfig/dirsrv-standalone1')
E + where <function exists at 0x7f8fda2c1510> = <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'>.exists
E + where <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'> = os.path

suites/setup_ds/remove_test.py:56: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/tls/tls_check_crl_test.py::test_tls_check_crl 5.40
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4f2ae10>

def test_tls_check_crl(topology_st):
"""Test that TLS check_crl configurations work as expected.

:id:
:steps:
1. Enable TLS
2. Set invalid value
3. Set valid values
4. Check config reset
:expectedresults:
1. TlS is setup
2. The invalid value is rejected
3. The valid values are used
4. The value can be reset
"""
standalone = topology_st.standalone
# Enable TLS
> standalone.enable_tls()

suites/tls/tls_check_crl_test.py:32:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed tickets/ticket47462_test.py::test_ticket47462 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5dfefd0>

def test_ticket47462(topology_m2):
"""
Test that AES properly replaces DES during an update/restart, and that
replication also works correctly.
"""

#
# First set config as if it's an older version. Set DES to use
# libdes-plugin, MMR to depend on DES, delete the existing AES plugin,
# and set a DES password for the replication agreement.
#
# Add an extra attribute to the DES plugin args
#
try:
topology_m2.ms["master1"].modify_s(DES_PLUGIN,
> [(ldap.MOD_REPLACE, 'nsslapd-pluginEnabled', 'on')])

tickets/ticket47462_test.py:47:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc5263c88>
func = <built-in method modify_ext of LDAP object at 0x7f8fc4f8e300>
args = ('cn=DES,cn=Password Storage Schemes,cn=plugins,cn=config', [(2, 'nsslapd-pluginEnabled', 'on')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', 'o')

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: TypeError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists
Failed tickets/ticket47838_test.py::test_47838_init 4.93
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_init(topology_st):
"""
Generate self signed cert and import it to the DS cert db.
Enable SSL
"""
_header(topology_st, 'Testing Ticket 47838 - harden the list of ciphers available by default')
onss_version = os.popen("rpm -q nss | awk -F'-' '{print $2}'", "r")
global nss_version
nss_version = onss_version.readline()
nss_ssl = NssSsl(dbpath=topology_st.standalone.get_cert_dir())
nss_ssl.reinit()
nss_ssl.create_rsa_ca()
nss_ssl.create_rsa_key_and_cert()

log.info("\n######################### enable SSL in the directory server with all ciphers ######################\n")
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3', b'off'),
(ldap.MOD_REPLACE, 'nsTLS1', b'on'),
(ldap.MOD_REPLACE, 'nsSSLClientAuth', b'allowed'),
(ldap.MOD_REPLACE, 'allowWeakCipher', b'on'),
(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+all')])

topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-security', b'on'),
(ldap.MOD_REPLACE, 'nsslapd-ssl-check-hostname', b'off'),
(ldap.MOD_REPLACE, 'nsslapd-secureport', ensure_bytes(MY_SECURE_PORT))])

topology_st.standalone.add_s(Entry((RSA_DN, {'objectclass': "top nsEncryptionModule".split(),
'cn': RSA,
'nsSSLPersonalitySSL': SERVERCERT,
'nsSSLToken': 'internal (software)',
> 'nsSSLActivation': 'on'})))

tickets/ticket47838_test.py:85:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:430: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method result4 of LDAP object at 0x7f8fc4d7e990>
args = (6, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ALREADY_EXISTS: {'desc': 'Already exists'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: ALREADY_EXISTS
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Testing Ticket 47838 - harden the list of ciphers available by default ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ############################################### ticket47838_test.py 69 INFO ######################### enable SSL in the directory server with all ciphers ######################
Failed tickets/ticket47838_test.py::test_47838_run_0 6.33
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_0(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: allowWeakCipher: on
"""
_header(topology_st, 'Test Case 1 - Check the ciphers availability for "+all"; allowWeakCipher: on')
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'64')])
time.sleep(5)
log.info("\n######################### Restarting the server ######################\n")
> topology_st.standalone.restart(timeout=120)

tickets/ticket47838_test.py:118:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 1 - Check the ciphers availability for "+all"; allowWeakCipher: on ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ############################################### ticket47838_test.py 117 INFO ######################### Restarting the server ######################
Failed tickets/ticket47838_test.py::test_47838_run_1 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_1(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: default allowWeakCipher (i.e., off) for +all
"""
_header(topology_st, 'Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:153:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method result4 of LDAP object at 0x7f8fc4d7e990>
args = (9, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_2 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_2(topology_st):
"""
Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
rsa_aes_128_sha, tls_rsa_aes_128_sha, rsa_aes_256_sha, tls_rsa_aes_256_sha are enabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:198:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_3 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_3(topology_st):
"""
Check nsSSL3Ciphers: -all
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 4 - Check the ciphers availability for "-all"')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:232:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 4 - Check the ciphers availability for "-all" ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_4 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_4(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 5 - Check no nsSSL3Ciphers (default setting) with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:264:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 5 - Check no nsSSL3Ciphers (default setting) with default allowWeakCipher ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_5 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_5(topology_st):
"""
Check nsSSL3Ciphers: default
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:306:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_6 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_6(topology_st):
"""
Check nsSSL3Ciphers: +all,-rsa_rc4_128_md5
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 7 - Check nsSSL3Ciphers: +all,-tls_dhe_rsa_aes_128_gcm_sha with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:350:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 7 - Check nsSSL3Ciphers: +all,-tls_dhe_rsa_aes_128_gcm_sha with default allowWeakCipher ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_7 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_7(topology_st):
"""
Check nsSSL3Ciphers: -all,+rsa_rc4_128_md5
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 8 - Check nsSSL3Ciphers: -all,+rsa_rc4_128_md5 with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:386:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 8 - Check nsSSL3Ciphers: -all,+rsa_rc4_128_md5 with default allowWeakCipher ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_8 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_8(topology_st):
"""
Check nsSSL3Ciphers: default + allowWeakCipher: off
Strong Default ciphers are enabled.
"""
_header(topology_st, 'Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off)')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:418:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off) ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_9 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_9(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
allowWeakCipher: on
nsslapd-errorlog-level: 0
"""
_header(topology_st,
'Test Case 10 - Check no nsSSL3Ciphers (default setting) with no errorlog-level & allowWeakCipher on')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:464:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 10 - Check no nsSSL3Ciphers (default setting) with no errorlog-level & allowWeakCipher on ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_10 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_10(topology_st):
"""
Check nsSSL3Ciphers: -TLS_RSA_WITH_NULL_MD5,+TLS_RSA_WITH_RC4_128_MD5,
+TLS_RSA_EXPORT_WITH_RC4_40_MD5,+TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
+TLS_DHE_RSA_WITH_DES_CBC_SHA,+SSL_RSA_FIPS_WITH_DES_CBC_SHA,
+TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,+SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
+TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,+TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-SSL_CK_RC4_128_WITH_MD5,-SSL_CK_RC4_128_EXPORT40_WITH_MD5,
-SSL_CK_RC2_128_CBC_WITH_MD5,-SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-SSL_CK_DES_64_CBC_WITH_MD5,-SSL_CK_DES_192_EDE3_CBC_WITH_MD5
allowWeakCipher: on
nsslapd-errorlog-level: 0
"""
_header(topology_st,
'Test Case 11 - Check nsSSL3Ciphers: long list using the NSS Cipher Suite name with allowWeakCipher on')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:522:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 11 - Check nsSSL3Ciphers: long list using the NSS Cipher Suite name with allowWeakCipher on ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_11 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_11(topology_st):
"""
Check nsSSL3Ciphers: +fortezza
SSL_GetImplementedCiphers does not return this as a secuire cipher suite
"""
_header(topology_st, 'Test Case 12 - Check nsSSL3Ciphers: +fortezza, which is not supported')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:564:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 12 - Check nsSSL3Ciphers: +fortezza, which is not supported ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47928_run_0 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47928_run_0(topology_st):
"""
No SSL version config parameters.
Check SSL3 (TLS1.0) is off.
"""
_header(topology_st, 'Test Case 13 - No SSL version config parameters')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:592:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 13 - No SSL version config parameters ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47928_run_1 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47928_run_1(topology_st):
"""
No nsSSL3, nsTLS1; sslVersionMin > sslVersionMax
Check sslVersionMax is ignored.
"""
_header(topology_st, 'Test Case 14 - No nsSSL3, nsTLS1; sslVersionMin > sslVersionMax')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:629:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 14 - No nsSSL3, nsTLS1; sslVersionMin > sslVersionMax ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47928_run_2 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47928_run_2(topology_st):
"""
nsSSL3: on; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2
Conflict between nsSSL3 and range; nsSSL3 is disabled
"""
_header(topology_st, 'Test Case 15 - nsSSL3: on; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:665:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 15 - nsSSL3: on; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2 ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47928_run_3 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47928_run_3(topology_st):
"""
nsSSL3: on; nsTLS1: off; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2
Conflict between nsSSL3/nsTLS1 and range; nsSSL3 is disabled; nsTLS1 is enabled.
"""
_header(topology_st, 'Test Case 16 - nsSSL3: on; nsTLS1: off; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:711:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 16 - nsSSL3: on; nsTLS1: off; sslVersionMin: TLS1.1; sslVersionMax: TLS1.2 ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47838_test.py::test_47838_run_last 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4d755c0>

def test_47838_run_last(topology_st):
"""
Check nsSSL3Ciphers: all <== invalid value
All ciphers are disabled.
"""
_header(topology_st, 'Test Case 17 - Check nsSSL3Ciphers: all, which is invalid')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

tickets/ticket47838_test.py:758:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4d75748>
func = <built-in method simple_bind of LDAP object at 0x7f8fc4d7e990>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47838_test.py 48 INFO ############################################### ticket47838_test.py 49 INFO ####### ticket47838_test.py 50 INFO ####### Test Case 17 - Check nsSSL3Ciphers: all, which is invalid ticket47838_test.py 51 INFO ####### ticket47838_test.py 52 INFO ###############################################
Failed tickets/ticket47950_test.py::test_ticket47950 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc49dd898>

def test_ticket47950(topology_st):
"""
Testing nsslapd-plugin-binddn-tracking does not cause issues around
access control and reconfiguring replication/repl agmt.
"""

log.info('Testing Ticket 47950 - Testing nsslapd-plugin-binddn-tracking')

#
# Turn on bind dn tracking
#
try:
> topology_st.standalone.modify_s("cn=config", [(ldap.MOD_REPLACE, 'nsslapd-plugin-binddn-tracking', 'on')])

tickets/ticket47950_test.py:39:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc49d5ba8>
func = <built-in method modify_ext of LDAP object at 0x7f8fc48edf80>
args = ('cn=config', [(2, 'nsslapd-plugin-binddn-tracking', 'on')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', 'o')

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: TypeError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket47966_test.py::test_ticket47966 0.01
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc49e6f28>

def test_ticket47966(topology_m2):
'''
Testing bulk import when the backend with VLV was recreated.
If the test passes without the server crash, 47966 is verified.
'''
log.info('Testing Ticket 47966 - [VLV] slapd crashes during Dogtag clone reinstallation')
M1 = topology_m2.ms["master1"]
M2 = topology_m2.ms["master2"]
m1_m2_agmt = M1.agreement.list(suffix=DEFAULT_SUFFIX)[0].dn

log.info('0. Create a VLV index on Master 2.')
# get the backend entry
be = M2.replica.conn.backend.list(suffix=DEFAULT_SUFFIX)
if not be:
log.fatal("ticket47966: enable to retrieve the backend for %s" % DEFAULT_SUFFIX)
raise ValueError("no backend for suffix %s" % DEFAULT_SUFFIX)
bent = be[0]
beName = bent.getValue('cn')
beDn = "cn=%s,cn=ldbm database,cn=plugins,cn=config" % beName

# generate vlvSearch entry
vlvSrchDn = "cn=vlvSrch,%s" % beDn
log.info('0-1. vlvSearch dn: %s' % vlvSrchDn)
vlvSrchEntry = Entry(vlvSrchDn)
vlvSrchEntry.setValues('objectclass', 'top', 'vlvSearch')
vlvSrchEntry.setValues('cn', 'vlvSrch')
vlvSrchEntry.setValues('vlvBase', DEFAULT_SUFFIX)
vlvSrchEntry.setValues('vlvFilter', '(|(objectclass=*)(objectclass=ldapsubentry))')
vlvSrchEntry.setValues('vlvScope', '2')
> M2.add_s(vlvSrchEntry)

tickets/ticket47966_test.py:50:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:430: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4949128>
func = <built-in method result4 of LDAP object at 0x7f8fc45e8ee0>
args = (25, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.NO_SUCH_OBJECT: {'desc': 'No such object'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: NO_SUCH_OBJECT
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists------------------------------ Captured log call -------------------------------
ticket47966_test.py 26 INFO Testing Ticket 47966 - [VLV] slapd crashes during Dogtag clone reinstallation ticket47966_test.py 31 INFO 0. Create a VLV index on Master 2. backend.py 76 INFO List backend with suffix=dc=example,dc=com ticket47966_test.py 43 INFO 0-1. vlvSearch dn: cn=vlvSrch,cn=b'userRoot',cn=ldbm database,cn=plugins,cn=config
Failed tickets/ticket47973_test.py::test_ticket47973_case 5.06
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc4952358>

def test_ticket47973_case(topology_st):
log.info('Testing Ticket 47973 (case) - Test the cases in the original schema are preserved.')

log.info('case 1 - Test the cases in the original schema are preserved.')

tsfile = topology_st.standalone.schemadir + '/98test.ldif'
tsfd = open(tsfile, "w")
Mozattr0 = "MoZiLLaaTTRiBuTe"
testschema = "dn: cn=schema\nattributetypes: ( 8.9.10.11.12.13.14 NAME '" + Mozattr0 + "' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Mozilla Dummy Schema' )\nobjectclasses: ( 1.2.3.4.5.6.7 NAME 'MozillaObject' SUP top MUST ( objectclass $ cn ) MAY ( " + Mozattr0 + " ) X-ORIGIN 'user defined' )"
tsfd.write(testschema)
tsfd.close()

try:
# run the schema reload task with the default schemadir
topology_st.standalone.tasks.schemaReload(schemadir=topology_st.standalone.schemadir,
args={TASK_WAIT: False})
except ValueError:
log.error('Schema Reload task failed.')
assert False

time.sleep(5)

try:
schemaentry = topology_st.standalone.search_s("cn=schema", ldap.SCOPE_BASE,
'objectclass=top',
["objectclasses"])
oclist = schemaentry[0].data.get("objectclasses")
except ldap.LDAPError as e:
log.error('Failed to get schema entry: error (%s)' % e.args[0]['desc'])
raise e

found = 0
for oc in oclist:
log.info('OC: %s' % oc)
moz = re.findall(Mozattr0, oc.decode('utf-8'))
if moz:
found = 1
log.info('case 1: %s is in the objectclasses list -- PASS' % Mozattr0)

if found == 0:
log.error('case 1: %s is not in the objectclasses list -- FAILURE' % Mozattr0)
> assert False
E assert False

tickets/ticket47973_test.py:154: AssertionError
------------------------------ Captured log call -------------------------------
tasks.py 1108 INFO Schema Reload task (task-03232019_213844) completed successfully ticket47973_test.py 153 ERROR case 1: MoZiLLaaTTRiBuTe is not in the objectclasses list -- FAILURE
Failed tickets/ticket47988_test.py::test_ticket47988_init 0.63
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_init(topology_m2):
"""
It adds
- Objectclass with MAY 'member'
- an entry ('bind_entry') with which we bind to test the 'SELFDN' operation
It deletes the anonymous aci

"""

_header(topology_m2, 'test_ticket47988_init')

# enable acl error logging
mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', ensure_bytes(str(8192)))] # REPL
topology_m2.ms["master1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["master2"].modify_s(DN_CONFIG, mod)

mod = [(ldap.MOD_REPLACE, 'nsslapd-accesslog-level', ensure_bytes(str(260)))] # Internal op
topology_m2.ms["master1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["master2"].modify_s(DN_CONFIG, mod)

# add dummy entries
for cpt in range(MAX_OTHERS):
name = "%s%d" % (OTHER_NAME, cpt)
topology_m2.ms["master1"].add_s(Entry(("cn=%s,%s" % (name, SUFFIX), {
'objectclass': "top person".split(),
'sn': name,
'cn': name})))

# check that entry 0 is replicated before
loop = 0
entryDN = "cn=%s0,%s" % (OTHER_NAME, SUFFIX)
while loop <= 10:
try:
ent = topology_m2.ms["master2"].getEntry(entryDN, ldap.SCOPE_BASE, "(objectclass=*)", ['telephonenumber'])
break
except ldap.NO_SUCH_OBJECT:
time.sleep(1)
loop += 1
assert (loop <= 10)

topology_m2.ms["master1"].stop(timeout=10)
topology_m2.ms["master2"].stop(timeout=10)

# install the specific schema M1: ipa3.3, M2: ipa4.1
schema_file = os.path.join(topology_m2.ms["master1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa3.3.tar.gz")
_install_schema(topology_m2.ms["master1"], schema_file)
schema_file = os.path.join(topology_m2.ms["master1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa4.1.tar.gz")
_install_schema(topology_m2.ms["master2"], schema_file)

> topology_m2.ms["master1"].start(timeout=10)

/export/tests/tickets/ticket47988_test.py:155:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists----------------------------- Captured stderr call -----------------------------
Job for dirsrv@master1.service failed because the control process exited with error code. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_init ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ################################################### ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/02common.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-admin.ldif ticket47988_test.py 96 INFO replace /etc/dirsrv/slapd-master1/schema/99user.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60nss-ldap.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60autofs.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-web.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60samba.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/10dna-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/05rfc4523.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60basev2.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/10automember-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/05rfc2927.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/10mep-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60ipadns.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/10rfc2307.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-mail.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/05rfc4524.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60trust.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60ipaconfig.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-directory.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60eduperson.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60mozilla.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/65ipasudo.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60rfc3712.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60rfc2739.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-value.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60acctpolicy.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/01core389.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60sabayon.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60pam-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/00core.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/25java-object.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60sudo.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/70ipaotp.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60pureftpd.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/61kerberos-ipav3.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60kerberos.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60basev3.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/06inetorgperson.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/30ns-common.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/28pilot.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/20subscriber.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/50ns-certificate.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master1/schema/60posix-winsync-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/02common.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-admin.ldif ticket47988_test.py 96 INFO replace /etc/dirsrv/slapd-master2/schema/99user.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60nss-ldap.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60autofs.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-web.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60samba.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/10dna-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/05rfc4523.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60basev2.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/10automember-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/05rfc2927.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/10mep-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60ipadns.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/10rfc2307.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-mail.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/05rfc4524.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60trust.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60ipaconfig.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-directory.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60eduperson.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60mozilla.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/65ipasudo.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60rfc3712.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60rfc2739.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-value.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60acctpolicy.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/01core389.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60sabayon.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60pam-plugin.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/00core.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/25java-object.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60sudo.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/70ipaotp.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60pureftpd.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/61kerberos-ipav3.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60kerberos.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60basev3.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/06inetorgperson.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/30ns-common.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/28pilot.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/20subscriber.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/50ns-certificate.ldif ticket47988_test.py 100 INFO add /etc/dirsrv/slapd-master2/schema/60posix-winsync-plugin.ldif
Failed tickets/ticket47988_test.py::test_ticket47988_1 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_1(topology_m2):
'''
Check that replication is working and pause replication M2->M1
'''
_header(topology_m2, 'test_ticket47988_1')

topology_m2.ms["master1"].log.debug("\n\nCheck that replication is working and pause replication M2->M1\n")
> _do_update_entry(supplier=topology_m2.ms["master2"], consumer=topology_m2.ms["master1"], attempts=5)

/export/tests/tickets/ticket47988_test.py:232:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:182: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:604: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc45222b0>
func = <built-in method result4 of LDAP object at 0x7f8fc45a83c8>
args = (27, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_1 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_2 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_2(topology_m2):
'''
Update M1 schema and trigger update M1->M2
So M1 should learn new/extended definitions that are in M2 schema
'''
_header(topology_m2, 'test_ticket47988_2')

topology_m2.ms["master1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:244:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/schema.py:568: in get_schema_csn
"objectclass=*", ['nsSchemaCSN'])
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:854: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:848: in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:165: in inner
objtype, data = f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:740: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:744: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4526ef0>
func = <built-in method result4 of LDAP object at 0x7f8fc4504698>
args = (63, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_2 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_3 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_3(topology_m2):
'''
Resume replication M2->M1 and check replication is still working
'''
_header(topology_m2, 'test_ticket47988_3')

> _resume_M2_to_M1(topology_m2)

/export/tests/tickets/ticket47988_test.py:281:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:220: in _resume_M2_to_M1
ents = topology_m2.ms["master2"].agreement.list(suffix=SUFFIX)
/usr/local/lib/python3.7/site-packages/lib389/agreement.py:852: in list
replica_entries = self.conn.replica.list(suffix)
/usr/local/lib/python3.7/site-packages/lib389/replica.py:168: in list
ents = self.conn.search_s(base, ldap.SCOPE_SUBTREE, filtr)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:854: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:847: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:843: in search_ext
timeout,sizelimit,
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc45222b0>
func = <built-in method search_ext of LDAP object at 0x7f8fc45a83c8>
args = ('cn=mapping tree,cn=config', 2, '(&(objectclass=nsds5Replica)(nsDS5ReplicaRoot=dc=example,dc=com))', None, 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_3 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ################################################### ticket47988_test.py 219 INFO ######################### resume RA M2->M1 ######################
Failed tickets/ticket47988_test.py::test_ticket47988_4 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_4(topology_m2):
'''
Check schemaCSN is identical on both server
And save the nsschemaCSN to later check they do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_4')

> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:293:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/schema.py:568: in get_schema_csn
"objectclass=*", ['nsSchemaCSN'])
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:854: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:847: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:843: in search_ext
timeout,sizelimit,
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4526ef0>
func = <built-in method search_ext of LDAP object at 0x7f8fc4504698>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_4 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_5 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_5(topology_m2):
'''
Check schemaCSN do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_5')

> _do_update_entry(supplier=topology_m2.ms["master1"], consumer=topology_m2.ms["master2"], attempts=5)

/export/tests/tickets/ticket47988_test.py:311:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:182: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4526ef0>
func = <built-in method modify_ext of LDAP object at 0x7f8fc4504698>
args = ('cn=other_entry0,dc=example,dc=com', [(2, 'telephonenumber', b'162')], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_5 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_6 0.00
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4526cc0>

def test_ticket47988_6(topology_m2):
'''
Update M1 schema and trigger update M2->M1
So M2 should learn new/extended definitions that are in M1 schema
'''

_header(topology_m2, 'test_ticket47988_6')

topology_m2.ms["master1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:334:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/schema.py:568: in get_schema_csn
"objectclass=*", ['nsSchemaCSN'])
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:854: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:847: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:843: in search_ext
timeout,sizelimit,
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4526ef0>
func = <built-in method search_ext of LDAP object at 0x7f8fc4504698>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket47988_test.py 62 INFO ############################################### ticket47988_test.py 63 INFO ####### ticket47988_test.py 64 INFO ####### test_ticket47988_6 ticket47988_test.py 65 INFO ####### ticket47988_test.py 66 INFO ###################################################
Failed tickets/ticket48005_test.py::test_ticket48005_automember 3.45
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc453f860>

def test_ticket48005_automember(topology_st):
'''
Enable automember and referint plugin
1. Run automember rebuild membership task without waiting
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
2. Run automember export updates task without waiting
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
3. Run automember map updates task without waiting
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
'''
log.info("Ticket 48005 automember test...")
topology_st.standalone.plugins.enable(name=PLUGIN_AUTOMEMBER)
topology_st.standalone.plugins.enable(name=PLUGIN_REFER_INTEGRITY)

# configure automember config entry
log.info('Adding automember config')
try:
topology_st.standalone.add_s(Entry(('cn=group cfg,cn=Auto Membership Plugin,cn=plugins,cn=config', {
'objectclass': 'top autoMemberDefinition'.split(),
'autoMemberScope': 'dc=example,dc=com',
'autoMemberFilter': 'objectclass=inetorgperson',
'autoMemberDefaultGroup': 'cn=group0,dc=example,dc=com',
'autoMemberGroupingAttr': 'uniquemember:dn',
'cn': 'group cfg'})))
except ValueError:
log.error('Failed to add automember config')
assert False

topology_st.standalone.restart(timeout=10)

try:
# run the automember rebuild task
topology_st.standalone.tasks.automemberRebuild(suffix=SUFFIX, args={TASK_WAIT: False})
except ValueError:
log.error('Automember rebuild task failed.')
assert False

topology_st.standalone.stop(timeout=10)

mytmp = '/tmp'
logdir = re.sub('errors', '', topology_st.standalone.errlog)
cmdline = 'ls ' + logdir + 'core*'
p = os.popen(cmdline, "r")
lcore = p.readline()
if lcore != "":
s.system('mv %score* %s/core.ticket48005_automember_rebuild' % (logdir, mytmp))
log.error('Automember_rebuld: Moved core file(s) to %s; Test failed' % mytmp)
assert False
log.info('No core files are found')

topology_st.standalone.start(timeout=10)

ldif_out_file = mytmp + "/ticket48005_automember_exported.ldif"
try:
# run the automember export task
topology_st.standalone.tasks.automemberExport(suffix=SUFFIX, ldif_out=ldif_out_file, args={TASK_WAIT: False})
except ValueError:
log.error('Automember Export task failed.')
assert False

topology_st.standalone.stop(timeout=10)

logdir = re.sub('errors', '', topology_st.standalone.errlog)
cmdline = 'ls ' + logdir + 'core*'
p = os.popen(cmdline, "r")
lcore = p.readline()
if lcore != "":
s.system('mv %score* %s/core.ticket48005_automember_export' % (logdir, mytmp))
log.error('Automember_export: Moved core file(s) to %s; Test failed' % mytmp)
assert False
log.info('No core files are found')

> topology_st.standalone.start(timeout=10)

/export/tests/tickets/ticket48005_test.py:198:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
ls: cannot access '/var/log/dirsrv/slapd-standalone1/core*': No such file or directory ls: cannot access '/var/log/dirsrv/slapd-standalone1/core*': No such file or directory Job for dirsrv@standalone1.service failed because a fatal signal was delivered to the control process. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket48005_test.py 136 INFO Ticket 48005 automember test... ticket48005_test.py 141 INFO Adding automember config tasks.py 927 INFO Automember Rebuild Membership task(task-03232019_213955) completedsuccessfully ticket48005_test.py 174 INFO No core files are found tasks.py 980 INFO Automember Export Updates task (task-03232019_213956) completed successfully ticket48005_test.py 196 INFO No core files are found
Failed tickets/ticket48005_test.py::test_ticket48005_syntaxvalidate 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc453f860>

def test_ticket48005_syntaxvalidate(topology_st):
'''
Run syntax validate task without waiting
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
'''
log.info("Ticket 48005 syntax validate test...")

try:
# run the fixup task
> topology_st.standalone.tasks.syntaxValidate(suffix=SUFFIX, args={TASK_WAIT: False})

/export/tests/tickets/ticket48005_test.py:243:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/tasks.py:1181: in syntaxValidate
self.conn.add_s(entry)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:430: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc45a4f98>
func = <built-in method result4 of LDAP object at 0x7f8fc41cd710>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48005_test.py 239 INFO Ticket 48005 syntax validate test...
Failed tickets/ticket48005_test.py::test_ticket48005_usn 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc453f860>

def test_ticket48005_usn(topology_st):
'''
Enable entryusn
Delete all user entries.
Run USN tombstone cleanup task
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
'''
log.info("Ticket 48005 usn test...")
> topology_st.standalone.plugins.enable(name=PLUGIN_USN)

/export/tests/tickets/ticket48005_test.py:276:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/plugins.py:1879: in enable
plugin = self.get(selector=name)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:990: in get
results = self._get_selector(selector)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:1027: in _get_selector
escapehatch='i am sure'
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:847: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:843: in search_ext
timeout,sizelimit,
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc45a4f98>
func = <built-in method search_ext of LDAP object at 0x7f8fc41cd710>
args = ('cn=plugins,cn=config', 2, '(&(&(objectclass=top)(objectclass=nsslapdplugin))(|(cn=USN)(nsslapd-pluginPath=USN)))', ['dn', 'nsslapd-pluginPath'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48005_test.py 275 INFO Ticket 48005 usn test...
Failed tickets/ticket48005_test.py::test_ticket48005_schemareload 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc453f860>

def test_ticket48005_schemareload(topology_st):
'''
Run schema reload task without waiting
Shutdown the server
Check if a core file was generated or not
If no core was found, this test case was successful.
'''
log.info("Ticket 48005 schema reload test...")

try:
# run the schema reload task
> topology_st.standalone.tasks.schemaReload(args={TASK_WAIT: False})

/export/tests/tickets/ticket48005_test.py:336:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/tasks.py:1095: in schemaReload
self.conn.add_s(entry)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:430: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:415: in add_ext_s
msgid = self.add_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:412: in add_ext
return self._ldap_call(self._l.add_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc45a4f98>
func = <built-in method add_ext of LDAP object at 0x7f8fc41cd710>
args = ('cn=task-03232019_213957,cn=schema reload task,cn=tasks,cn=config', [('objectclass', [b'top', b'extensibleObject']), ('cn', [b'task-03232019_213957'])], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48005_test.py 332 INFO Ticket 48005 schema reload test...
Failed tickets/ticket48109_test.py::test_ticket48109 4.35
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc431a2e8>

def test_ticket48109(topology_st):
'''
Set SubStr lengths to cn=uid,cn=index,...
objectClass: extensibleObject
nsIndexType: sub
nsSubStrBegin: 2
nsSubStrEnd: 2
'''
log.info('Test case 0')
# add substr setting to UID_INDEX
try:
topology_st.standalone.modify_s(UID_INDEX,
[(ldap.MOD_ADD, 'objectClass', b'extensibleObject'),
(ldap.MOD_ADD, 'nsIndexType', b'sub'),
(ldap.MOD_ADD, 'nsSubStrBegin', b'2'),
(ldap.MOD_ADD, 'nsSubStrEnd', b'2')])
except ldap.LDAPError as e:
log.error('Failed to add substr lengths: error {}'.format(e.args[0]['desc']))
assert False

# restart the server to apply the indexing
topology_st.standalone.restart(timeout=10)

# add a test user
UID = 'auser0'
USER_DN = 'uid=%s,%s' % (UID, SUFFIX)
try:
topology_st.standalone.add_s(Entry((USER_DN, {
'objectclass': 'top person organizationalPerson inetOrgPerson'.split(),
'cn': 'a user0',
'sn': 'user0',
'givenname': 'a',
'mail': UID})))
except ldap.LDAPError as e:
log.error('Failed to add ' + USER_DN + ': error {}'.format(e.args[0]['desc']))
assert False

entries = topology_st.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, '(uid=a*)')
assert len(entries) == 1

# restart the server to check the access log
topology_st.standalone.restart(timeout=10)

cmdline = 'egrep %s %s | egrep "uid=a\*"' % (SUFFIX, topology_st.standalone.accesslog)
p = os.popen(cmdline, "r")
l0 = p.readline()
if l0 == "":
log.error('Search with "(uid=a*)" is not logged in ' + topology_st.standalone.accesslog)
> assert False
E assert False

/export/tests/tickets/ticket48109_test.py:70: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket48109_test.py 30 INFO Test case 0 ticket48109_test.py 69 ERROR Search with "(uid=a*)" is not logged in /var/log/dirsrv/slapd-standalone1/access
Failed tickets/ticket48194_test.py::test_init 3.51
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_init(topology_st):
"""
Generate self signed cert and import it to the DS cert db.
Enable SSL
"""
_header(topology_st, 'Testing Ticket 48194 - harden the list of ciphers available by default')

nss_ssl = NssSsl(dbpath=topology_st.standalone.get_cert_dir())
nss_ssl.reinit()
nss_ssl.create_rsa_ca()
nss_ssl.create_rsa_key_and_cert()

log.info("\n######################### enable SSL in the directory server with all ciphers ######################\n")
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3', b'off'),
(ldap.MOD_REPLACE, 'nsTLS1', b'on'),
(ldap.MOD_REPLACE, 'nsSSLClientAuth', b'allowed'),
(ldap.MOD_REPLACE, 'allowWeakCipher', b'on'),
(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+all')])

topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-security', b'on'),
(ldap.MOD_REPLACE, 'nsslapd-ssl-check-hostname', b'off'),
(ldap.MOD_REPLACE, 'nsslapd-secureport', ensure_bytes(LDAPSPORT))])

topology_st.standalone.add_s(Entry((RSA_DN, {'objectclass': "top nsEncryptionModule".split(),
'cn': RSA,
'nsSSLPersonalitySSL': SERVERCERT,
'nsSSLToken': 'internal (software)',
> 'nsSSLActivation': 'on'})))

/export/tests/tickets/ticket48194_test.py:72:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:193: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:430: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:195: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:416: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method result4 of LDAP object at 0x7f8fc43dfee0>
args = (6, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ALREADY_EXISTS: {'desc': 'Already exists'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: ALREADY_EXISTS
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Testing Ticket 48194 - harden the list of ciphers available by default ticket48194_test.py 41 INFO ############################################### ticket48194_test.py 56 INFO ######################### enable SSL in the directory server with all ciphers ######################
Failed tickets/ticket48194_test.py::test_run_0 1.32
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_0(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: allowWeakCipher: on
"""
_header(topology_st, 'Test Case 1 - Check the ciphers availability for "+all"; allowWeakCipher: on')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'64')])

log.info("\n######################### Restarting the server ######################\n")
> topology_st.standalone.restart(timeout=120)

/export/tests/tickets/ticket48194_test.py:130:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 1 - Check the ciphers availability for "+all"; allowWeakCipher: on ticket48194_test.py 41 INFO ############################################### ticket48194_test.py 129 INFO ######################### Restarting the server ######################
Failed tickets/ticket48194_test.py::test_run_1 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_1(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: default allowWeakCipher (i.e., off) for +all
"""
_header(topology_st, 'Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:144:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:446: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method result4 of LDAP object at 0x7f8fc43dfee0>
args = (9, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_2 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_2(topology_st):
"""
Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
rsa_aes_128_sha, tls_rsa_aes_128_sha, rsa_aes_256_sha, tls_rsa_aes_256_sha are enabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:169:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_3 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_3(topology_st):
"""
Check nsSSL3Ciphers: -all
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 4 - Check the ciphers availability for "-all"')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:194:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 4 - Check the ciphers availability for "-all" ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_4 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_4(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:216:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_5 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_5(topology_st):
"""
Check nsSSL3Ciphers: default
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:238:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_6 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_6(topology_st):
"""
Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:261:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_8 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_8(topology_st):
"""
Check nsSSL3Ciphers: default + allowWeakCipher: off
Strong Default ciphers are enabled.
"""
_header(topology_st, 'Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off)')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:284:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off) ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_9 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_9(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
allowWeakCipher: on
nsslapd-errorlog-level: 0
"""
_header(topology_st,
'Test Case 10 - Check no nsSSL3Ciphers (default setting) with no errorlog-level & allowWeakCipher on')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:309:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 10 - Check no nsSSL3Ciphers (default setting) with no errorlog-level & allowWeakCipher on ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48194_test.py::test_run_11 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc40f0f60>

def test_run_11(topology_st):
"""
Check nsSSL3Ciphers: +fortezza
SSL_GetImplementedCiphers does not return this as a secuire cipher suite
"""
_header(topology_st, 'Test Case 12 - Check nsSSL3Ciphers: +fortezza, which is not supported')

> topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

/export/tests/tickets/ticket48194_test.py:332:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:445: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:439: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4593eb8>
func = <built-in method simple_bind of LDAP object at 0x7f8fc43dfee0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: SERVER_DOWN
------------------------------ Captured log call -------------------------------
ticket48194_test.py 39 INFO ############################################### ticket48194_test.py 40 INFO ####### Test Case 12 - Check nsSSL3Ciphers: +fortezza, which is not supported ticket48194_test.py 41 INFO ###############################################
Failed tickets/ticket48226_test.py::test_ticket48226_set_purgedelay 0.01
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4598400>

def test_ticket48226_set_purgedelay(topology_m2):
args = {REPLICA_PURGE_DELAY: '5',
REPLICA_PURGE_INTERVAL: '5'}
try:
> topology_m2.ms["master1"].replica.setProperties(DEFAULT_SUFFIX, None, None, args)

/export/tests/tickets/ticket48226_test.py:25:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.replica.ReplicaLegacy object at 0x7f8fc4106860>
suffix = 'dc=example,dc=com', replica_dn = None, replica_entry = None
properties = {'ReplicaPurgeDelay': '5', 'ReplicaTombstonePurgeInterval': '5'}

def setProperties(self, suffix=None, replica_dn=None, replica_entry=None,
properties=None):
'''
Set the properties of the replica. If an 'replica_entry' (Entry) is
provided, it updates the entry, else it updates the entry on the
server. If the 'replica_dn' is provided it retrieves the entry
using it, else it retrieve the replica using the 'suffix'.

@param suffix : suffix stored in that replica (online update)
@param replica_dn: DN of the replica (online update)
@param replica_entry: Entry of a replica (offline update)
@param properties: dictionary of properties
Supported properties are:
REPLICA_SUFFIX
REPLICA_ID
REPLICA_TYPE
REPLICA_BINDDN
REPLICA_PURGE_DELAY
REPLICA_PRECISE_PURGING
REPLICA_REFERRAL
REPLICA_FLAGS

@return None

@raise ValueError: if unknown properties
ValueError: if invalid replica_entry
ValueError: if replica_dn or suffix are not associated to
a replica

'''

# No properties provided
if len(properties) == 0:
return

# check that the given properties are valid
for prop in properties:
# skip the prefix to add/del value
if not inProperties(prop, REPLICA_PROPNAME_TO_ATTRNAME):
raise ValueError("unknown property: %s" % prop)
else:
self.log.debug("setProperties: %s:%s",
prop, properties[prop])

# At least we need to have suffix/replica_dn/replica_entry
if not suffix and not replica_dn and not replica_entry:
raise InvalidArgumentError("suffix and replica_dn and replica_" +
"entry are missing")

# the caller provides a set of properties to set into a replica entry
if replica_entry:
if not isinstance(replica_entry, Entry):
raise ValueError("invalid instance of the replica_entry")

# that is fine, now set the values
for prop in properties:
val = rawProperty(prop)

# for Entry update it is a replace
replica_entry.update({REPLICA_PROPNAME_TO_ATTRNAME[val]:
properties[prop]})

return

# If it provides the suffix or the replicaDN, replica.list will
# return the appropriate entry
ents = self.conn.replica.list(suffix=suffix, replica_dn=replica_dn)
if len(ents) != 1:
if replica_dn:
raise ValueError("invalid replica DN: %s" % replica_dn)
else:
raise ValueError("invalid suffix: %s" % suffix)

# build the MODS
mods = []
for prop in properties:
# take the operation type from the property name
val = rawProperty(prop)
if str(prop).startswith('+'):
op = ldap.MOD_ADD
elif str(prop).startswith('-'):
op = ldap.MOD_DELETE
else:
op = ldap.MOD_REPLACE

mods.append((op, REPLICA_PROPNAME_TO_ATTRNAME[val],
properties[prop]))

# that is fine now to apply the MOD
> self.conn.modify_s(ents[0].dn, mods)

/usr/local/lib/python3.7/site-packages/lib389/replica.py:260:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x557b05070608, file '/usr/local/lib/python3.7/site-packages/lib389/__init__.py', line 197,..., code_context=[' firstresult=hook.spec.opts.get("firstresult") if hook.spec else False,\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x557b05e31248, file '/usr/local/lib/python3.7/site-packages/lib389/replica.py', line 260, c...ca.py', lineno=260, function='setProperties', code_context=[' self.conn.modify_s(ents[0].dn, mods)\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc41062e8>
dn = 'cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config'
modlist = [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc41062e8>
dn = 'cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config'
modlist = [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')]
serverctrls = None, clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
> msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc41062e8>
dn = 'cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config'
modlist = [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')]
serverctrls = None, clientctrls = None

def modify_ext(self,dn,modlist,serverctrls=None,clientctrls=None):
"""
modify_ext(dn, modlist[,serverctrls=None[,clientctrls=None]]) -> int
"""
if PY2:
dn = self._bytesify_input('dn', dn)
modlist = self._bytesify_modlist('modlist', modlist, with_opcode=True)
> return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method modify_ext of LDAP object at 0x7f8fc3e88b48>, 'cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc41062e8>
func = <built-in method modify_ext of LDAP object at 0x7f8fc3e88b48>
args = ('cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsds5ReplicaPurgeDelay', '5'), (2, 'nsds5ReplicaTombstonePurgeInterval', '5')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', '5')

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: TypeError

During handling of the above exception, another exception occurred:

topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4598400>

def test_ticket48226_set_purgedelay(topology_m2):
args = {REPLICA_PURGE_DELAY: '5',
REPLICA_PURGE_INTERVAL: '5'}
try:
topology_m2.ms["master1"].replica.setProperties(DEFAULT_SUFFIX, None, None, args)
except:
log.fatal('Failed to configure replica')
> assert False
E assert False

/export/tests/tickets/ticket48226_test.py:28: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists------------------------------ Captured log call -------------------------------
ticket48226_test.py 27 CRITICAL Failed to configure replica
Failed tickets/ticket48226_test.py::test_ticket48226_1 0.01
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4598400>

def test_ticket48226_1(topology_m2):
name = 'test_entry'
dn = "cn=%s,%s" % (name, SUFFIX)

topology_m2.ms["master1"].add_s(Entry((dn, {'objectclass': "top person".split(),
'sn': name,
'cn': name})))

# First do an update that is replicated
mods = [(ldap.MOD_ADD, 'description', '5')]
> topology_m2.ms["master1"].modify_s(dn, mods)

/export/tests/tickets/ticket48226_test.py:50:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc41062e8>
func = <built-in method modify_ext of LDAP object at 0x7f8fc3e88b48>
args = ('cn=test_entry,dc=example,dc=com', [(0, 'description', '5')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', '5')

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: TypeError
Failed tickets/ticket48233_test.py::test_ticket48233 4.17
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc3f46d68>

def test_ticket48233(topology_st):
"""Test that ACI's that use IP restrictions do not crash the server at
shutdown
"""

# Add aci to restrict access my ip
aci_text = ('(targetattr != "userPassword")(version 3.0;acl ' +
'"Enable anonymous access - IP"; allow (read,compare,search)' +
'(userdn = "ldap:///anyone") and (ip="127.0.0.1");)')

try:
topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_ADD, 'aci', ensure_bytes(aci_text))])
except ldap.LDAPError as e:
log.error('Failed to add aci: ({}) error {}'.format(aci_text,e.args[0]['desc']))
assert False
time.sleep(1)

# Anonymous search to engage the aci
try:
topology_st.standalone.simple_bind_s("", "")
except ldap.LDAPError as e:
log.error('Failed to anonymously bind -error {}'.format(e.args[0]['desc']))
assert False

try:
entries = topology_st.standalone.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, 'objectclass=*')
if not entries:
log.fatal('Failed return an entries from search')
assert False
except ldap.LDAPError as e:
log.fatal('Search failed: ' + e.message['desc'])
assert False

# Restart the server
topology_st.standalone.restart(timeout=10)

# Check for crash
if topology_st.standalone.detectDisorderlyShutdown():
log.fatal('Server crashed!')
> assert False
E assert False

/export/tests/tickets/ticket48233_test.py:50: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket48233_test.py 49 CRITICAL Server crashed!
Failed tickets/ticket48252_test.py::test_ticket48252_run_1 2.38
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc42bf860>

def test_ticket48252_run_1(topology_st):
"""
Delete an entry cn=test_entry1
Check it is in the 'objectclass' index file as a tombstone entry
"""
log.info("Case 2 - Check deleted entry is in the 'objectclass' index file as a tombstone entry")
uas = UserAccounts(topology_st.standalone, DEFAULT_SUFFIX)
del_rdn = "uid=%s1" % TEST_USER
del_entry = uas.get('%s1' % TEST_USER)
log.info(" Deleting a test entry %s..." % del_rdn)
del_entry.delete()

entry = topology_st.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, '(&(objectclass=nstombstone)(%s))' % del_rdn)
assert len(entry) == 1
log.info(" entry %s is in the objectclass index file." % del_rdn)

log.info(" db2index - reindexing %s ..." % 'objectclass')
topology_st.standalone.stop()
assert topology_st.standalone.db2index(bename=None, suffixes='objectclass')
topology_st.standalone.start()
entry = topology_st.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, '(&(objectclass=nstombstone)(%s))' % del_rdn)
> assert len(entry) == 1
E assert 0 == 1
E -0
E +1

/export/tests/tickets/ticket48252_test.py:109: AssertionError
----------------------------- Captured stderr call -----------------------------
[23/Mar/2019:21:41:48.029406983 -0400] - INFO - ldbm_instance_config_cachememsize_set - force a minimal value 512000 [23/Mar/2019:21:41:48.033402173 -0400] - INFO - check_and_set_import_cache - pagesize: 4096, available bytes 7653511168, process usage 22732800 [23/Mar/2019:21:41:48.034128409 -0400] - INFO - check_and_set_import_cache - Import allocates 2989652KB import cache. [23/Mar/2019:21:41:48.035278300 -0400] - INFO - dblayer_copy_directory - Backing up file 0 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/cn.db) [23/Mar/2019:21:41:48.036145519 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/cn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/cn.db [23/Mar/2019:21:41:48.036787864 -0400] - INFO - dblayer_copy_directory - Backing up file 1 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/ancestorid.db) [23/Mar/2019:21:41:48.037288805 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/ancestorid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/ancestorid.db [23/Mar/2019:21:41:48.037901859 -0400] - INFO - dblayer_copy_directory - Backing up file 2 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/numsubordinates.db) [23/Mar/2019:21:41:48.038432896 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/numsubordinates.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/numsubordinates.db [23/Mar/2019:21:41:48.038975560 -0400] - INFO - dblayer_copy_directory - Backing up file 3 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/nsuniqueid.db) [23/Mar/2019:21:41:48.039648163 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/nsuniqueid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/nsuniqueid.db [23/Mar/2019:21:41:48.040208731 -0400] - INFO - dblayer_copy_directory - Backing up file 4 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/entryrdn.db) [23/Mar/2019:21:41:48.040771537 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/entryrdn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/entryrdn.db [23/Mar/2019:21:41:48.041236686 -0400] - INFO - dblayer_copy_directory - Backing up file 5 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/aci.db) [23/Mar/2019:21:41:48.041661877 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/aci.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/aci.db [23/Mar/2019:21:41:48.042135844 -0400] - INFO - dblayer_copy_directory - Backing up file 6 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/uniquemember.db) [23/Mar/2019:21:41:48.042606376 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/uniquemember.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/uniquemember.db [23/Mar/2019:21:41:48.043097579 -0400] - INFO - dblayer_copy_directory - Backing up file 7 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/nscpEntryDN.db) [23/Mar/2019:21:41:48.043553931 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/nscpEntryDN.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/nscpEntryDN.db [23/Mar/2019:21:41:48.044029394 -0400] - INFO - dblayer_copy_directory - Backing up file 8 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/sn.db) [23/Mar/2019:21:41:48.044474272 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/sn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/sn.db [23/Mar/2019:21:41:48.045059247 -0400] - INFO - dblayer_copy_directory - Backing up file 9 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/DBVERSION) [23/Mar/2019:21:41:48.045581368 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/DBVERSION to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/DBVERSION [23/Mar/2019:21:41:48.046127170 -0400] - INFO - dblayer_copy_directory - Backing up file 10 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/objectclass.db) [23/Mar/2019:21:41:48.046683693 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/objectclass.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/objectclass.db [23/Mar/2019:21:41:48.047363957 -0400] - INFO - dblayer_copy_directory - Backing up file 11 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/parentid.db) [23/Mar/2019:21:41:48.047873039 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/parentid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/parentid.db [23/Mar/2019:21:41:48.048388987 -0400] - INFO - dblayer_copy_directory - Backing up file 12 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/entryusn.db) [23/Mar/2019:21:41:48.048835866 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/entryusn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/entryusn.db [23/Mar/2019:21:41:48.049325180 -0400] - INFO - dblayer_copy_directory - Backing up file 13 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/uid.db) [23/Mar/2019:21:41:48.049791367 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/uid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/uid.db [23/Mar/2019:21:41:48.050293161 -0400] - INFO - dblayer_copy_directory - Backing up file 14 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/id2entry.db) [23/Mar/2019:21:41:48.050775744 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/id2entry.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/userRoot/id2entry.db [23/Mar/2019:21:41:48.051551216 -0400] - INFO - upgradedb_core - userRoot: Start upgradedb. [23/Mar/2019:21:41:48.052283928 -0400] - INFO - dblayer_instance_start - Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [23/Mar/2019:21:41:48.170565734 -0400] - INFO - import_main_offline - reindex userRoot: Index buffering enabled with bucket size 100 [23/Mar/2019:21:41:48.872924022 -0400] - INFO - import_monitor_threads - reindex userRoot: Workers finished; cleaning up... [23/Mar/2019:21:41:49.074214903 -0400] - INFO - import_monitor_threads - reindex userRoot: Workers cleaned up. [23/Mar/2019:21:41:49.075204709 -0400] - INFO - import_main_offline - reindex userRoot: Cleaning up producer thread... [23/Mar/2019:21:41:49.075735811 -0400] - INFO - import_main_offline - reindex userRoot: Indexing complete. Post-processing... [23/Mar/2019:21:41:49.076364347 -0400] - INFO - import_main_offline - reindex userRoot: Generating numsubordinates (this may take several minutes to complete)... [23/Mar/2019:21:41:49.076939494 -0400] - INFO - import_main_offline - reindex userRoot: Generating numSubordinates complete. [23/Mar/2019:21:41:49.077480268 -0400] - INFO - ldbm_get_nonleaf_ids - reindex userRoot: Gathering ancestorid non-leaf IDs... [23/Mar/2019:21:41:49.077966285 -0400] - INFO - ldbm_get_nonleaf_ids - reindex userRoot: Finished gathering ancestorid non-leaf IDs. [23/Mar/2019:21:41:49.079293120 -0400] - INFO - ldbm_ancestorid_new_idl_create_index - reindex userRoot: Creating ancestorid index (new idl)... [23/Mar/2019:21:41:49.079936646 -0400] - INFO - ldbm_ancestorid_new_idl_create_index - reindex userRoot: Created ancestorid index (new idl). [23/Mar/2019:21:41:49.080483986 -0400] - INFO - import_main_offline - reindex userRoot: Flushing caches... [23/Mar/2019:21:41:49.080890874 -0400] - INFO - import_main_offline - reindex userRoot: Closing files... [23/Mar/2019:21:41:49.104710660 -0400] - INFO - dblayer_pre_close - All database threads now stopped [23/Mar/2019:21:41:49.105592138 -0400] - INFO - import_main_offline - reindex userRoot: Reindexing complete. Processed 18 entries in 1 seconds. (18.00 entries/sec) [23/Mar/2019:21:41:49.106357588 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/log.0000000001 to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T21:41:47.919428/log.0000000001 [23/Mar/2019:21:41:49.115167582 -0400] - WARN - dblayer_get_home_dir - Db home directory is not set. Possibly nsslapd-directory (optionally nsslapd-db-home-directory) is missing in the config file. [23/Mar/2019:21:41:49.115810816 -0400] - ERR - dblayer_copyfile - Failed to open source file (null)/DBVERSION by "No such file or directory" [23/Mar/2019:21:41:49.116365705 -0400] - INFO - dblayer_pre_close - All database threads now stopped
Failed tickets/ticket48637_test.py::test_ticket48637 2.22
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc413d160>

def test_ticket48637(topology_st):
"""Test for entry cache corruption

This requires automember and managed entry plugins to be configured.

Then remove the group that automember would use to trigger a failure when
adding a new entry. Automember fails, and then managed entry also fails.

Make sure a base search on the entry returns error 32
"""

if DEBUGGING:
# Add debugging steps(if any)...
pass

#
# Add our setup entries
#
try:
topology_st.standalone.add_s(Entry((PEOPLE_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'people'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add people ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((GROUP_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'groups'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add groups ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_OU, {
'objectclass': 'top extensibleObject'.split(),
'ou': 'mep'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_TEMPLATE, {
'objectclass': 'top mepTemplateEntry'.split(),
'cn': 'mep template',
'mepRDNAttr': 'cn',
'mepStaticAttr': 'objectclass: groupofuniquenames',
'mepMappedAttr': 'cn: $uid'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

#
# Configure automember
#
try:
topology_st.standalone.add_s(Entry((AUTO_DN, {
'cn': 'All Users',
'objectclass': ['top', 'autoMemberDefinition'],
'autoMemberScope': 'dc=example,dc=com',
'autoMemberFilter': 'objectclass=person',
'autoMemberDefaultGroup': GROUP_DN,
'autoMemberGroupingAttr': 'uniquemember:dn'})))
except ldap.LDAPError as e:
log.fatal('Failed to configure automember plugin : ' + str(e))
assert False

#
# Configure managed entry plugin
#
try:
topology_st.standalone.add_s(Entry((MEP_DN, {
'cn': 'MEP Definition',
'objectclass': ['top', 'extensibleObject'],
'originScope': 'ou=people,dc=example,dc=com',
'originFilter': 'objectclass=person',
'managedBase': 'ou=groups,dc=example,dc=com',
'managedTemplate': MEP_TEMPLATE})))
except ldap.LDAPError as e:
log.fatal('Failed to configure managed entry plugin : ' + str(e))
assert False

#
# Restart DS
#
topology_st.standalone.restart(timeout=30)

#
# Add entry that should fail since the automember group does not exist
#
try:
topology_st.standalone.add_s(Entry((USER_DN, {
'uid': 'test',
'objectclass': ['top', 'person', 'extensibleObject'],
'sn': 'test',
'cn': 'test'})))
except ldap.LDAPError as e:
pass

#
# Search for the entry - it should not be returned
#
try:
entry = topology_st.standalone.search_s(USER_DN, ldap.SCOPE_SUBTREE,
'objectclass=*')
if entry:
log.fatal('Entry was incorrectly returned')
> assert False
E assert False

/export/tests/tickets/ticket48637_test.py:137: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket48637_test.py 136 CRITICAL Entry was incorrectly returned
Failed tickets/ticket48755_test.py::test_ticket48755 0.00
Fixture "add_ou_entry" called directly. Fixtures are not meant to be called directly,
but are created automatically when test functions request them as parameters.
See https://docs.pytest.org/en/latest/fixture.html for more information about fixtures, and
https://docs.pytest.org/en/latest/deprecations.html#calling-fixtures-directly about how to update your code.
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists------------------------------ Captured log call -------------------------------
ticket48755_test.py 82 INFO Ticket 48755 - moving an entry could make the online init fail ticket48755_test.py 87 INFO Generating DIT_0
Failed tickets/ticket48784_test.py::test_ticket48784 4.38
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc43a2080>

def test_ticket48784(topology_m2):
"""
Set up 2way MMR:
master_1 <----- startTLS -----> master_2

Make sure the replication is working.
Then, stop the servers and set only TLS1.0 on master_1 while TLS1.2 on master_2
Replication is supposed to fail.
"""
log.info("Ticket 48784 - Allow usage of OpenLDAP libraries that don't use NSS for crypto")

#create_keys_certs(topology_m2)
> [i.enable_tls() for i in topology_m2]

/export/tests/tickets/ticket48784_test.py:91:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48784_test.py:91: in <listcomp>
[i.enable_tls() for i in topology_m2]
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@master1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@master1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists----------------------------- Captured stderr call -----------------------------
Job for dirsrv@master1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@master1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket48784_test.py 88 INFO Ticket 48784 - Allow usage of OpenLDAP libraries that don't use NSS for crypto
Failed tickets/ticket48798_test.py::test_ticket48798 4.40
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43c6ac8>

def test_ticket48798(topology_st):
"""
Test DH param sizes offered by DS.

"""
> topology_st.standalone.enable_tls()

/export/tests/tickets/ticket48798_test.py:38:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed tickets/ticket48906_test.py::test_ticket48906_dblock_ldap_update 0.04
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>

def test_ticket48906_dblock_ldap_update(topology_st):
topology_st.standalone.log.info('###################################')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('### Check that after ldap update')
topology_st.standalone.log.info('### - monitor contains DEFAULT')
topology_st.standalone.log.info('### - configured contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('### - After stop dse.ldif contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('### - After stop guardian contains DEFAULT')
topology_st.standalone.log.info('### In fact guardian should differ from config to recreate the env')
topology_st.standalone.log.info('### Check that after restart (DBenv recreated)')
topology_st.standalone.log.info('### - monitor contains DBLOCK_LDAP_UPDATE ')
topology_st.standalone.log.info('### - configured contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('### - dse.ldif contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('###################################')

topology_st.standalone.modify_s(ldbm_config, [(ldap.MOD_REPLACE, DBLOCK_ATTR_CONFIG, ensure_bytes(DBLOCK_LDAP_UPDATE))])
_check_monitored_value(topology_st, DBLOCK_DEFAULT)
_check_configured_value(topology_st, attr=DBLOCK_ATTR_CONFIG, expected_value=DBLOCK_LDAP_UPDATE, required=True)

topology_st.standalone.stop(timeout=10)
_check_dse_ldif_value(topology_st, attr=DBLOCK_ATTR_CONFIG, expected_value=DBLOCK_LDAP_UPDATE)
> _check_guardian_value(topology_st, attr=DBLOCK_ATTR_GUARDIAN, expected_value=DBLOCK_DEFAULT)

/export/tests/tickets/ticket48906_test.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>
attr = 'locks', expected_value = '10000'

def _check_guardian_value(topology_st, attr=DBLOCK_ATTR_CONFIG, expected_value=None):
guardian_file = os.path.join(topology_st.standalone.dbdir, 'guardian')
> assert (os.path.exists(guardian_file))
E AssertionError: assert False
E + where False = <function exists at 0x7f8fda2c1510>('/var/lib/dirsrv/slapd-standalone1/db/guardian')
E + where <function exists at 0x7f8fda2c1510> = <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'>.exists
E + where <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'> = os.path

/export/tests/tickets/ticket48906_test.py:125: AssertionError
------------------------------ Captured log call -------------------------------
ticket48906_test.py 158 INFO ################################### ticket48906_test.py 159 INFO ### ticket48906_test.py 160 INFO ### Check that after ldap update ticket48906_test.py 161 INFO ### - monitor contains DEFAULT ticket48906_test.py 162 INFO ### - configured contains DBLOCK_LDAP_UPDATE ticket48906_test.py 163 INFO ### - After stop dse.ldif contains DBLOCK_LDAP_UPDATE ticket48906_test.py 164 INFO ### - After stop guardian contains DEFAULT ticket48906_test.py 165 INFO ### In fact guardian should differ from config to recreate the env ticket48906_test.py 166 INFO ### Check that after restart (DBenv recreated) ticket48906_test.py 167 INFO ### - monitor contains DBLOCK_LDAP_UPDATE ticket48906_test.py 168 INFO ### - configured contains DBLOCK_LDAP_UPDATE ticket48906_test.py 169 INFO ### - dse.ldif contains DBLOCK_LDAP_UPDATE ticket48906_test.py 170 INFO ### ticket48906_test.py 171 INFO ###################################
Failed tickets/ticket48906_test.py::test_ticket48906_dblock_edit_update 0.01
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>

def test_ticket48906_dblock_edit_update(topology_st):
topology_st.standalone.log.info('###################################')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('### Check that after stop')
topology_st.standalone.log.info('### - dse.ldif contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('### - guardian contains DBLOCK_LDAP_UPDATE')
topology_st.standalone.log.info('### Check that edit dse+restart')
topology_st.standalone.log.info('### - monitor contains DBLOCK_EDIT_UPDATE')
topology_st.standalone.log.info('### - configured contains DBLOCK_EDIT_UPDATE')
topology_st.standalone.log.info('### Check that after stop')
topology_st.standalone.log.info('### - dse.ldif contains DBLOCK_EDIT_UPDATE')
topology_st.standalone.log.info('### - guardian contains DBLOCK_EDIT_UPDATE')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('###################################')

topology_st.standalone.stop(timeout=10)
_check_dse_ldif_value(topology_st, attr=DBLOCK_ATTR_CONFIG, expected_value=DBLOCK_LDAP_UPDATE)
> _check_guardian_value(topology_st, attr=DBLOCK_ATTR_GUARDIAN, expected_value=DBLOCK_LDAP_UPDATE)

/export/tests/tickets/ticket48906_test.py:205:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>
attr = 'locks', expected_value = '20000'

def _check_guardian_value(topology_st, attr=DBLOCK_ATTR_CONFIG, expected_value=None):
guardian_file = os.path.join(topology_st.standalone.dbdir, 'guardian')
> assert (os.path.exists(guardian_file))
E AssertionError: assert False
E + where False = <function exists at 0x7f8fda2c1510>('/var/lib/dirsrv/slapd-standalone1/db/guardian')
E + where <function exists at 0x7f8fda2c1510> = <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'>.exists
E + where <module 'posixpath' from '/usr/lib64/python3.7/posixpath.py'> = os.path

/export/tests/tickets/ticket48906_test.py:125: AssertionError
------------------------------ Captured log call -------------------------------
ticket48906_test.py 189 INFO ################################### ticket48906_test.py 190 INFO ### ticket48906_test.py 191 INFO ### Check that after stop ticket48906_test.py 192 INFO ### - dse.ldif contains DBLOCK_LDAP_UPDATE ticket48906_test.py 193 INFO ### - guardian contains DBLOCK_LDAP_UPDATE ticket48906_test.py 194 INFO ### Check that edit dse+restart ticket48906_test.py 195 INFO ### - monitor contains DBLOCK_EDIT_UPDATE ticket48906_test.py 196 INFO ### - configured contains DBLOCK_EDIT_UPDATE ticket48906_test.py 197 INFO ### Check that after stop ticket48906_test.py 198 INFO ### - dse.ldif contains DBLOCK_EDIT_UPDATE ticket48906_test.py 199 INFO ### - guardian contains DBLOCK_EDIT_UPDATE ticket48906_test.py 200 INFO ### ticket48906_test.py 201 INFO ###################################
Failed tickets/ticket48906_test.py::test_ticket48906_dblock_robust 1.14
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>

def test_ticket48906_dblock_robust(topology_st):
topology_st.standalone.log.info('###################################')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('### Check that the following values are rejected')
topology_st.standalone.log.info('### - negative value')
topology_st.standalone.log.info('### - insuffisant value')
topology_st.standalone.log.info('### - invalid value')
topology_st.standalone.log.info('### Check that minimum value is accepted')
topology_st.standalone.log.info('###')
topology_st.standalone.log.info('###################################')

topology_st.standalone.start(timeout=10)
> _check_monitored_value(topology_st, DBLOCK_EDIT_UPDATE)

/export/tests/tickets/ticket48906_test.py:254:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc43b27b8>
expected_value = '40000'

def _check_monitored_value(topology_st, expected_value):
entries = topology_st.standalone.search_s(ldbm_monitor, ldap.SCOPE_BASE, '(objectclass=*)')
> assert (entries[0].hasValue(DBLOCK_ATTR_MONITOR) and entries[0].getValue(DBLOCK_ATTR_MONITOR) == ensure_bytes(expected_value))
E AssertionError: assert (True and b'20000' == b'40000'
E + where True = <bound method Entry.hasValue of dn: cn=database,cn=monitor,cn=ldbm database,cn=plugins,cn=config\ncn: database\nnsslapd-...ate: 8\nnsslapd-db-pages-in-use: 19\nnsslapd-db-txn-region-wait-rate: 0\nobjectClass: top\nobjectClass: extensibleObject\n\n>('nsslapd-db-configured-locks')
E + where <bound method Entry.hasValue of dn: cn=database,cn=monitor,cn=ldbm database,cn=plugins,cn=config\ncn: database\nnsslapd-...ate: 8\nnsslapd-db-pages-in-use: 19\nnsslapd-db-txn-region-wait-rate: 0\nobjectClass: top\nobjectClass: extensibleObject\n\n> = dn: cn=database,cn=monitor,cn=ldbm database,cn=plugins,cn=config\ncn: database\nnsslapd-db-abort-rate: 0\nnsslapd-db-acti...rate: 8\nnsslapd-db-pages-in-use: 19\nnsslapd-db-txn-region-wait-rate: 0\nobjectClass: top\nobjectClass: extensibleObject\n\n.hasValue
E At index 0 diff: 50 != 52
E Full diff:
E - b'20000'
E ? ^
E + b'40000'
E ? ^)

/export/tests/tickets/ticket48906_test.py:103: AssertionError
------------------------------ Captured log call -------------------------------
ticket48906_test.py 243 INFO ################################### ticket48906_test.py 244 INFO ### ticket48906_test.py 245 INFO ### Check that the following values are rejected ticket48906_test.py 246 INFO ### - negative value ticket48906_test.py 247 INFO ### - insuffisant value ticket48906_test.py 248 INFO ### - invalid value ticket48906_test.py 249 INFO ### Check that minimum value is accepted ticket48906_test.py 250 INFO ### ticket48906_test.py 251 INFO ###################################
Failed tickets/ticket48961_test.py::test_ticket48961_storagescheme 0.01
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc3de15c0>

def test_ticket48961_storagescheme(topology_st):
"""
Test deleting of the storage scheme.
"""

default = topology_st.standalone.config.get_attr_val('passwordStorageScheme')
# Change it
topology_st.standalone.config.set('passwordStorageScheme', 'CLEAR')
# Now delete it
> topology_st.standalone.config.remove('passwordStorageScheme', None)

/export/tests/tickets/ticket48961_test.py:27:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:296: in remove
self.set(key, value, action=ldap.MOD_DELETE)
/usr/local/lib/python3.7/site-packages/lib389/_mapped_object.py:378: in set
serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:604: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:751: in result3
resp_ctrl_classes=resp_ctrl_classes
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:758: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:331: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/local/lib64/python3.7/site-packages/ldap/compat.py:44: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc427f4a8>
func = <built-in method result4 of LDAP object at 0x7f8fc3ec9e40>
args = (4, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'desc': 'Operations error', 'info': 'passwordStorageScheme: deleting the value is not allowed.'}

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: OPERATIONS_ERROR
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48961_test.py::test_ticket48961_deleteall 0.00
topology_st = <lib389.topologies.TopologyMain object at 0x7f8fc3de15c0>

def test_ticket48961_deleteall(topology_st):
"""
Test that we can delete all valid attrs, and that a few are rejected.
"""
attr_to_test = {
'nsslapd-listenhost': 'localhost',
'nsslapd-securelistenhost': 'localhost',
'nsslapd-allowed-sasl-mechanisms': 'GSSAPI',
'nsslapd-svrtab': 'Some bogus data', # This one could reset?
}
attr_to_fail = {
# These are the values that should always be dn dse.ldif too
'nsslapd-localuser': 'dirsrv',
'nsslapd-defaultnamingcontext': 'dc=example,dc=com', # Can't delete
'nsslapd-accesslog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/access',
'nsslapd-auditlog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/audit',
'nsslapd-errorlog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/errors',
'nsslapd-tmpdir': '/tmp',
'nsslapd-rundir': '/opt/dirsrv/var/run/dirsrv',
'nsslapd-bakdir': '/opt/dirsrv/var/lib/dirsrv/slapd-standalone/bak',
'nsslapd-certdir': '/opt/dirsrv/etc/dirsrv/slapd-standalone',
'nsslapd-instancedir': '/opt/dirsrv/lib/dirsrv/slapd-standalone',
'nsslapd-ldifdir': '/opt/dirsrv/var/lib/dirsrv/slapd-standalone/ldif',
'nsslapd-lockdir': '/opt/dirsrv/var/lock/dirsrv/slapd-standalone',
'nsslapd-schemadir': '/opt/dirsrv/etc/dirsrv/slapd-standalone/schema',
'nsslapd-workingdir': '/opt/dirsrv/var/log/dirsrv/slapd-standalone',
'nsslapd-localhost': 'localhost.localdomain',
# These can't be reset, but might be in dse.ldif. Probably in libglobs.
'nsslapd-certmap-basedn': 'cn=certmap,cn=config',
'nsslapd-port': '38931', # Can't delete
'nsslapd-secureport': '636', # Can't delete
'nsslapd-conntablesize': '1048576',
'nsslapd-rootpw': '{SSHA512}...',
# These are hardcoded server magic.
'nsslapd-hash-filters': 'off', # Can't delete
'nsslapd-requiresrestart': 'cn=config:nsslapd-port', # Can't change
'nsslapd-plugin': 'cn=case ignore string syntax,cn=plugins,cn=config', # Can't change
'nsslapd-privatenamespaces': 'cn=schema', # Can't change
'nsslapd-allowed-to-delete-attrs': 'None', # Can't delete
'nsslapd-accesslog-list': 'List!', # Can't delete
'nsslapd-auditfaillog-list': 'List!',
'nsslapd-auditlog-list': 'List!',
'nsslapd-errorlog-list': 'List!',
'nsslapd-config': 'cn=config',
'nsslapd-versionstring': '389-Directory/1.3.6.0',
'objectclass': '',
'cn': '',
# These are the odd values
'nsslapd-backendconfig': 'cn=config,cn=userRoot,cn=ldbm database,cn=plugins,cn=config', # Doesn't exist?
'nsslapd-betype': 'ldbm database', # Doesn't exist?
'nsslapd-connection-buffer': 1, # Has an ldap problem
'nsslapd-malloc-mmap-threshold': '-10', # Defunct anyway
'nsslapd-malloc-mxfast': '-10',
'nsslapd-malloc-trim-threshold': '-10',
'nsslapd-referralmode': '',
'nsslapd-saslpath': '',
'passwordadmindn': '',
}

> config_entry = topology_st.standalone.config.raw_entry()
E TypeError: 'NoneType' object is not callable

/export/tests/tickets/ticket48961_test.py:100: TypeError
Failed tickets/ticket48973_test.py::test_ticket48973_ces_not_indexed 1.17
topology = <tests.tickets.ticket48973_test.TopologyStandalone object at 0x7f8fc3fe7780>

def test_ticket48973_ces_not_indexed(topology):
"""
Check that homedirectory is not indexed
- do a search unindexed
"""

entry_ext = 0
searchedHome = "%s%d" % (HOMEHEAD, entry_ext)
Filter = "(homeDirectory=%s)" % searchedHome
log.info("Search %s" % Filter)
ents = topology.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, Filter)
assert len(ents) == 1
assert ents[0].hasAttr('homedirectory')
assert ensure_bytes(searchedHome) in ents[0].getValues('homedirectory')

result = _find_next_notes(topology, Filter)
log.info("result=%s" % result)
> assert "notes=U" in result
E TypeError: argument of type 'NoneType' is not iterable

/export/tests/tickets/ticket48973_test.py:217: TypeError
------------------------------ Captured log call -------------------------------
ticket48973_test.py 209 INFO Search (homeDirectory=/home/xyz_0) ticket48973_test.py 216 INFO result=None
Failed tickets/ticket48973_test.py::test_ticket48973_homeDirectory_indexing 3.18
topology = <tests.tickets.ticket48973_test.TopologyStandalone object at 0x7f8fc3fe7780>

def test_ticket48973_homeDirectory_indexing(topology):
"""
Check that homedirectory is indexed with syntax (ces)
- triggers index
- no failure on index
- do a search indexed with exact value (ces) and no default_mr_indexer_create warning
- do a search indexed with uppercase value (ces) and no default_mr_indexer_create warning
"""
entry_ext = 1

try:
ent = topology.standalone.getEntry(HOMEDIRECTORY_INDEX, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
topology.standalone.add_s(Entry((HOMEDIRECTORY_INDEX, {
'objectclass': "top nsIndex".split(),
'cn': HOMEDIRECTORY_CN,
'nsSystemIndex': 'false',
'nsIndexType': 'eq'})))

args = {TASK_WAIT: True}
topology.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

log.info("Check indexing succeeded with no specified matching rule")
assert not _find_first_indexing_failure(topology, "unknown or invalid matching rule")
assert not _find_first_indexing_failure(topology, "default_mr_indexer_create: warning")
assert not _find_first_indexing_failure(topology, "default_mr_indexer_create - Plugin .* does not handle")

> _check_entry(topology, filterHead="homeDirectory", filterValueUpper=False, entry_ext=entry_ext,found=True, indexed=True)

/export/tests/tickets/ticket48973_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <tests.tickets.ticket48973_test.TopologyStandalone object at 0x7f8fc3fe7780>
filterHead = 'homeDirectory', filterValueUpper = False, entry_ext = 1
found = True, indexed = True

def _check_entry(topology, filterHead=None, filterValueUpper=False, entry_ext=None, found=False, indexed=False):
# Search with CES with exact value -> find an entry + indexed
if filterValueUpper:
homehead = HOMEHEAD.upper()
else:
homehead = HOMEHEAD
searchedHome = "%s%d" % (homehead, entry_ext)
Filter = "(%s=%s)" % (filterHead, searchedHome)
log.info("Search %s" % Filter)
ents = topology.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, Filter)
if found:
assert len(ents) == 1
assert ents[0].hasAttr('homedirectory')
valueHome = ensure_bytes("%s%d" % (HOMEHEAD, entry_ext))
assert valueHome in ents[0].getValues('homedirectory')
else:
assert len(ents) == 0

result = _find_next_notes(topology, Filter)
log.info("result=%s" % result)
if indexed:
> assert not "notes=U" in result
E TypeError: argument of type 'NoneType' is not iterable

/export/tests/tickets/ticket48973_test.py:184: TypeError
------------------------------ Captured log call -------------------------------
tasks.py 737 INFO Index task index_attrs_03232019_215505 completed successfully ticket48973_test.py 242 INFO Check indexing succeeded with no specified matching rule ticket48973_test.py 171 INFO Search (homeDirectory=/home/xyz_1) ticket48973_test.py 182 INFO result=None
Failed tickets/ticket48973_test.py::test_ticket48973_homeDirectory_caseExactIA5Match_caseIgnoreIA5Match_indexing 3.18
topology = <tests.tickets.ticket48973_test.TopologyStandalone object at 0x7f8fc3fe7780>

def test_ticket48973_homeDirectory_caseExactIA5Match_caseIgnoreIA5Match_indexing(topology):
"""
Check that homedirectory is indexed with syntax (ces && cis)
- triggers index
- no failure on index
- do a search indexed (ces) and no default_mr_indexer_create warning
- do a search indexed (cis) and no default_mr_indexer_create warning
"""
entry_ext = 4

log.info("\n\nindex homeDirectory in caseExactIA5Match and caseIgnoreIA5Match")
EXACTIA5_MR_NAME=b'caseExactIA5Match'
IGNOREIA5_MR_NAME=b'caseIgnoreIA5Match'
EXACT_MR_NAME=b'caseExactMatch'
IGNORE_MR_NAME=b'caseIgnoreMatch'
mod = [(ldap.MOD_REPLACE, MATCHINGRULE, (EXACT_MR_NAME, IGNORE_MR_NAME, EXACTIA5_MR_NAME, IGNOREIA5_MR_NAME))]
topology.standalone.modify_s(HOMEDIRECTORY_INDEX, mod)

args = {TASK_WAIT: True}
topology.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

log.info("Check indexing succeeded with no specified matching rule")
assert not _find_first_indexing_failure(topology, "unknown or invalid matching rule")
assert not _find_first_indexing_failure(topology, "default_mr_indexer_create: warning")
assert not _find_first_indexing_failure(topology, "default_mr_indexer_create - Plugin .* does not handle")

> _check_entry(topology, filterHead="homeDirectory", filterValueUpper=False, entry_ext=entry_ext, found=True, indexed=True)

/export/tests/tickets/ticket48973_test.py:287:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <tests.tickets.ticket48973_test.TopologyStandalone object at 0x7f8fc3fe7780>
filterHead = 'homeDirectory', filterValueUpper = False, entry_ext = 4
found = True, indexed = True

def _check_entry(topology, filterHead=None, filterValueUpper=False, entry_ext=None, found=False, indexed=False):
# Search with CES with exact value -> find an entry + indexed
if filterValueUpper:
homehead = HOMEHEAD.upper()
else:
homehead = HOMEHEAD
searchedHome = "%s%d" % (homehead, entry_ext)
Filter = "(%s=%s)" % (filterHead, searchedHome)
log.info("Search %s" % Filter)
ents = topology.standalone.search_s(SUFFIX, ldap.SCOPE_SUBTREE, Filter)
if found:
assert len(ents) == 1
assert ents[0].hasAttr('homedirectory')
valueHome = ensure_bytes("%s%d" % (HOMEHEAD, entry_ext))
assert valueHome in ents[0].getValues('homedirectory')
else:
assert len(ents) == 0

result = _find_next_notes(topology, Filter)
log.info("result=%s" % result)
if indexed:
> assert not "notes=U" in result
E TypeError: argument of type 'NoneType' is not iterable

/export/tests/tickets/ticket48973_test.py:184: TypeError
------------------------------ Captured log call -------------------------------
ticket48973_test.py 271 INFO index homeDirectory in caseExactIA5Match and caseIgnoreIA5Match tasks.py 737 INFO Index task index_attrs_03232019_215509 completed successfully ticket48973_test.py 282 INFO Check indexing succeeded with no specified matching rule ticket48973_test.py 171 INFO Search (homeDirectory=/home/xyz_4) ticket48973_test.py 182 INFO result=None
Failed tickets/ticket49039_test.py::test_ticket49039 5.22
topo = <lib389.topologies.TopologyMain object at 0x7f8fc42595c0>

def test_ticket49039(topo):
"""Test "password must change" verses "password min age". Min age should not
block password update if the password was reset.
"""

# Setup SSL (for ldappasswd test)
> topo.standalone.enable_tls()

/export/tests/tickets/ticket49039_test.py:31:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1597: in enable_tls
self.restart(post_open=post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
---------------------------- Captured stdout setup -----------------------------
Instance slapd-standalone1 removed. ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Failed tickets/ticket49071_test.py::test_ticket49071 7.03
topo = <lib389.topologies.TopologyMain object at 0x7f8fc3d71ac8>

def test_ticket49071(topo):
"""Verify- Import ldif with duplicate DNs, should not log error "unable to flush"

:id: dce2b898-119d-42b8-a236-1130f58bff17
:feature: It is to verify bug:1406101, ticket:49071
:setup: Standalone instance, ldif file with duplicate entries
:steps: 1. Create a ldif file with duplicate entries
2. Import ldif file to DS
3. Check error log file, it should not log "unable to flush"
4. Check error log file, it should log "Duplicated DN detected"
:expectedresults: Error log should not contain "unable to flush" error
"""

log.info('ticket 49071: Create import file')
l = """dn: dc=example,dc=com
objectclass: top
objectclass: domain
dc: example

dn: ou=myDups00001,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: myDups00001

dn: ou=myDups00001,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: myDups00001
"""

ldif_dir = topo.standalone.get_ldif_dir()
ldif_file = os.path.join(ldif_dir, 'data.ldif')
with open(ldif_file, "w") as fd:
fd.write(l)
fd.close()

log.info('ticket 49071: Import ldif having duplicate entry')
try:
topo.standalone.tasks.importLDIF(suffix=DEFAULT_SUFFIX,
input_file=ldif_file,
args={TASK_WAIT: True})
except ValueError:
log.fatal('ticket 49104: Online import failed')
raise

log.info('ticket 49071: Error log should not have - unable to flush')
assert not topo.standalone.ds_error_log.match('.*unable to flush.*')

log.info('ticket 49071: Error log should have - Duplicated DN detected')
> assert topo.standalone.ds_error_log.match('.*Duplicated DN detected.*')
E AssertionError: assert []
E + where [] = <bound method DirsrvLog.match of <lib389.dirsrv_log.DirsrvErrorLog object at 0x7f8fc4106588>>('.*Duplicated DN detected.*')
E + where <bound method DirsrvLog.match of <lib389.dirsrv_log.DirsrvErrorLog object at 0x7f8fc4106588>> = <lib389.dirsrv_log.DirsrvErrorLog object at 0x7f8fc4106588>.match
E + where <lib389.dirsrv_log.DirsrvErrorLog object at 0x7f8fc4106588> = <lib389.DirSrv object at 0x7f8fc3d71e80>.ds_error_log
E + where <lib389.DirSrv object at 0x7f8fc3d71e80> = <lib389.topologies.TopologyMain object at 0x7f8fc3d71ac8>.standalone

/export/tests/tickets/ticket49071_test.py:64: AssertionError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ticket49071_test.py 28 INFO ticket 49071: Create import file ticket49071_test.py 51 INFO ticket 49071: Import ldif having duplicate entry tasks.py 435 ERROR Error: import task import_03232019_215743 for file /var/lib/dirsrv/slapd-standalone1/ldif/data.ldif exited with -23 ticket49071_test.py 60 INFO ticket 49071: Error log should not have - unable to flush ticket49071_test.py 63 INFO ticket 49071: Error log should have - Duplicated DN detected
Failed tickets/ticket49073_test.py::test_ticket49073 4.39
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc4085b00>

def test_ticket49073(topology_m2):
"""Write your replication test here.

To access each DirSrv instance use: topology_m2.ms["master1"], topology_m2.ms["master2"],
..., topology_m2.hub1, ..., topology_m2.consumer1,...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).
"""
topology_m2.ms["master1"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["master1"].restart(timeout=10)
topology_m2.ms["master2"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["master2"].restart(timeout=10)

# Configure fractional to prevent total init to send memberof
ents = topology_m2.ms["master1"].agreement.list(suffix=SUFFIX)
assert len(ents) == 1
log.info('update %s to add nsDS5ReplicatedAttributeListTotal' % ents[0].dn)
topology_m2.ms["master1"].modify_s(ents[0].dn,
[(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeListTotal',
'(objectclass=*) $ EXCLUDE '),
(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeList',
> '(objectclass=*) $ EXCLUDE memberOf')])

/export/tests/tickets/ticket49073_test.py:102:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:631: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:603: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:600: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:197: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f8fc4435978>
func = <built-in method modify_ext of LDAP object at 0x7f8fc427b440>
args = ('cn=002,cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsDS5ReplicatedAttributeListTotal', '(objectclass=*) $ EXCLUDE '), (2, 'nsDS5ReplicatedAttributeList', '(objectclass=*) $ EXCLUDE memberOf')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', '(')

/usr/local/lib64/python3.7/site-packages/ldap/ldapobject.py:315: TypeError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists------------------------------ Captured log call -------------------------------
ticket49073_test.py 95 INFO update cn=002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config to add nsDS5ReplicatedAttributeListTotal
Failed tickets/ticket49303_test.py::test_ticket49303 5.53
topo = <lib389.topologies.TopologyMain object at 0x7f8fc421fac8>

def test_ticket49303(topo):
"""
Test the nsTLSAllowClientRenegotiation setting.
"""
sslport = SECUREPORT_STANDALONE1

log.info("Ticket 49303 - Allow disabling of SSL renegotiation")

# No value set, defaults to reneg allowed
> enable_ssl(topo.standalone, sslport)

/export/tests/tickets/ticket49303_test.py:85:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket49303_test.py:67: in enable_ssl
server.restart()
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1266: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.7/site-packages/lib389/__init__.py:1133: in start
"dirsrv@%s" % self.serverid])
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],), kwargs = {}
retcode = 1, cmd = ['systemctl', 'start', 'dirsrv@standalone1']

def check_call(*popenargs, **kwargs):
"""Run command with arguments. Wait for command to complete. If
the exit code was zero then return, otherwise raise
CalledProcessError. The CalledProcessError object will have the
return code in the returncode attribute.

The arguments are the same as for the call function. Example:

check_call(["ls", "-l"])
"""
retcode = call(*popenargs, **kwargs)
if retcode:
cmd = kwargs.get("args")
if cmd is None:
cmd = popenargs[0]
> raise CalledProcessError(retcode, cmd)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.7/subprocess.py:347: CalledProcessError
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because a fatal signal was delivered causing the control process to dump core. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
ticket49303_test.py 82 INFO Ticket 49303 - Allow disabling of SSL renegotiation
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_memberof_groups 0.00
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7f8fc5c42908>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5c5bb00>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7f8fc5c42eb8>

def test_memberof_groups(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with memberOf and groups

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb3
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Enable memberOf plugin
2. Add 30 users to m1 and wait for replication to happen
3. Pause replication
4. Create a group on m1 and m2
5. Create a group on m1 and m2, delete from m1
6. Create a group on m1, delete from m1, and create on m2,
7. Create a group on m2 and m1, delete from m1
8. Create two different groups on m2
9. Resume replication
10. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:399: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_managed_entries 0.00
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7f8fc60a7fd0>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5c5bb00>

def test_managed_entries(self, topology_m2):
"""Check that conflict properly resolved for operations
with managed entries

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb4
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Create ou=managed_users and ou=managed_groups under test container
2. Configure managed entries plugin and add a template to test container
3. Add a user to m1 and wait for replication to happen
4. Pause replication
5. Create a user on m1 and m2 with a same group ID on both master
6. Create a user on m1 and m2 with a different group ID on both master
7. Resume replication
8. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:490: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_nested_entries_with_children 0.00
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7f8fc5cd6908>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f8fc5c5bb00>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7f8fc5ccb128>

def test_nested_entries_with_children(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb5
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create parent-child on master2 and master1
4. Create parent-child on master1 and master2
5. Create parent-child on master1 and master2 different child rdn
6. Create parent-child on master1 and delete parent on master2
7. Create parent on master1, delete it and parent-child on master2, delete them
8. Create parent on master1, delete it and parent-two children on master2
9. Create parent-two children on master1 and parent-child on master2, delete them
10. Create three subsets inside existing container entry, applying only part of changes on m2
11. Create more combinations of the subset with parent-child on m1 and parent on m2
12. Delete container on m1, modify user1 on m1, create parent on m2 and modify user2 on m2
13. Resume replication
14. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
11. It should pass
12. It should pass
13. It should pass
14. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:581: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestThreeMasters::test_nested_entries 0.00
self = <tests.suites.replication.conflict_resolve_test.TestThreeMasters object at 0x7f8fc60b20f0>
topology_m3 = <lib389.topologies.TopologyMain object at 0x7f8fc5e6cdd8>
base_m3 = <lib389.idm.nscontainer.nsContainer object at 0x7f8fc6114cc0>

def test_nested_entries(self, topology_m3, base_m3):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb6
:setup: Three master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create two child entries under each of two entries
4. Create three child entries under each of three entries
5. Create two parents on m1 and m2, then on m1 - create a child and delete one parent,
on m2 - delete one parent and create a child
6. Test a few more parent-child combinations with three instances
7. Resume replication
8. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:794: XFailed
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'master3', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 153 INFO Joining master master3 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39003 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39003 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39003 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39003 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39003 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39003 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master1 to master3 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39003 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists topologies.py 161 INFO Ensuring master master2 to master3 ... replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39003 is was created topologies.py 161 INFO Ensuring master master3 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39003 to ldap://server.example.com:39001 already exists topologies.py 161 INFO Ensuring master master3 to master2 ... replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39003 to ldap://server.example.com:39002 is was created
XFailed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.02
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_add(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf94
:setup: standalone instance
:steps:
1. Use a value that is too small
2. Use a value that is too big
3. Use a value that overflows the int
4. Use a value with character value (not a number)
5. Use a valid value
:expectedresults:
1. Add is rejected
2. Add is rejected
3. Add is rejected
4. Add is rejected
5. Add is allowed
"""

agmt_reset(topo)
replica = replica_setup(topo)

agmts = Agreements(topo.standalone, basedn=replica.dn)

# Test too small
perform_invalid_create(agmts, agmt_dict, attr, too_small)
# Test too big
> perform_invalid_create(agmts, agmt_dict, attr, too_big)

suites/replication/replica_config_test.py:210:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

many = <lib389.agreement.Agreements object at 0x7f8fc6040c50>
properties = {'cn': 'test_agreement', 'nsDS5ReplicaBindDN': 'uid=tester', 'nsDS5ReplicaBindMethod': 'SIMPLE', 'nsDS5ReplicaHost': 'localhost.localdomain', ...}
attr = 'nsds5ReplicaPort', value = '65535'

def perform_invalid_create(many, properties, attr, value):
my_properties = copy.deepcopy(properties)
my_properties[attr] = value
with pytest.raises(ldap.LDAPError):
> many.create(properties=my_properties)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:106: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.12
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
> perform_invalid_modify(agmt, attr, too_small)

suites/replication/replica_config_test.py:245:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5fe1208>
attr = 'nsds5ReplicaPort', value = '0'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaTimeout', too_small = '-1', too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5ce05c0>
attr = 'nsds5ReplicaTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaBusyWaitTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5eba9e8>
attr = 'nsds5ReplicaBusyWaitTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaSessionPauseTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5cdd278>
attr = 'nsds5ReplicaSessionPauseTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaFlowControlWindow', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5fe8b38>
attr = 'nsds5ReplicaFlowControlWindow', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaFlowControlPause', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc5fe17b8>
attr = 'nsds5ReplicaFlowControlPause', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f8fc5e6c198>
attr = 'nsds5ReplicaProtocolTimeout', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:247:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f8fc608c780>
attr = 'nsds5ReplicaProtocolTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError):
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:110: Failed
XFailed suites/replication/ruvstore_test.py::test_memoryruv_sync_with_databaseruv 0.03
topo = <lib389.topologies.TopologyMain object at 0x7f8fc606c710>

@pytest.mark.xfail(reason="No method to safety access DB ruv currently exists online.")
def test_memoryruv_sync_with_databaseruv(topo):
"""Check if memory ruv and database ruv are synced

:id: 5f38ac5f-6353-460d-bf60-49cafffda5b3
:setup: Replication with two masters.
:steps: 1. Add user to server and compare memory ruv and database ruv.
2. Modify description of user and compare memory ruv and database ruv.
3. Modrdn of user and compare memory ruv and database ruv.
4. Delete user and compare memory ruv and database ruv.
:expectedresults:
1. For add user, the memory ruv and database ruv should be the same.
2. For modify operation, the memory ruv and database ruv should be the same.
3. For modrdn operation, the memory ruv and database ruv should be the same.
4. For delete operation, the memory ruv and database ruv should be the same.
"""

log.info('Adding user: {} to master1'.format(TEST_ENTRY_NAME))
users = UserAccounts(topo.ms['master1'], DEFAULT_SUFFIX)
tuser = users.create(properties=USER_PROPERTIES)
> _compare_memoryruv_and_databaseruv(topo, 'add')

suites/replication/ruvstore_test.py:137:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topo = <lib389.topologies.TopologyMain object at 0x7f8fc606c710>
operation_type = 'add'

def _compare_memoryruv_and_databaseruv(topo, operation_type):
"""Compare the memoryruv and databaseruv for ldap operations"""

log.info('Checking memory ruv for ldap: {} operation'.format(operation_type))
replicas = Replicas(topo.ms['master1'])
replica = replicas.list()[0]
memory_ruv = replica.get_attr_val_utf8('nsds50ruv')

log.info('Checking database ruv for ldap: {} operation'.format(operation_type))
> entry = replicas.get_ruv_entry(DEFAULT_SUFFIX)
E AttributeError: 'Replicas' object has no attribute 'get_ruv_entry'

suites/replication/ruvstore_test.py:79: AttributeError
------------------------------ Captured log call -------------------------------
ruvstore_test.py 134 INFO Adding user: rep2lusr to master1 ruvstore_test.py 73 INFO Checking memory ruv for ldap: add operation ruvstore_test.py 78 INFO Checking database ruv for ldap: add operation
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.13
No log output captured.
Skipped suites/config/regression_test.py::test_set_cachememsize_to_custom_value::setup 0.00
('suites/config/regression_test.py', 31, 'Skipped: available memory is too low')
Skipped suites/memory_leaks/range_search_test.py::test_range_search::setup 0.00
('suites/memory_leaks/range_search_test.py', 21, "Skipped: Don't run if ASAN is not enabled")
Skipped tickets/ticket47815_test.py::test_ticket47815::setup 0.00
('tickets/ticket47815_test.py', 23, 'Skipped: Not implemented, or invalid by nsMemberOf')
Skipped tickets/ticket49121_test.py::test_ticket49121::setup 0.00
('tickets/ticket49121_test.py', 30, "Skipped: Don't run if ASAN is not enabled")
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_EQ_ACI)] 0.03
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_PRES_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_SUB_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_PRES_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_SUB_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_EQ_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_PRES_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_SUB_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, LDAPURL_ACI)] 0.03
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_EQ_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_OU, REAL_PRES_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_SUB_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_EQ_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_PRES_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_SUB_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_EQ_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_PRES_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_SUB_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(SALES_UESER, SALES_MANAGER, LDAPURL_ACI)] 0.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, ENG_MANAGER, ROLE_EQ_ACI)] 0.04
No log output captured.
Passed suites/acl/acl_deny_test.py::test_multi_deny_aci 9.11
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. acl_deny_test.py 37 INFO Add uid=tuser1,ou=People,dc=example,dc=com acl_deny_test.py 48 INFO Add uid=tuser,ou=People,dc=example,dc=com------------------------------ Captured log call -------------------------------
acl_deny_test.py 80 INFO Pass 1 acl_deny_test.py 83 INFO Testing two searches behave the same... acl_deny_test.py 126 INFO Testing search does not return any entries... acl_deny_test.py 80 INFO Pass 2 acl_deny_test.py 83 INFO Testing two searches behave the same... acl_deny_test.py 126 INFO Testing search does not return any entries... acl_deny_test.py 190 INFO Test PASSED
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[lang-ja] 0.00
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists acl_test.py 75 INFO ========Executing test with 'lang-ja' subtype======== acl_test.py 76 INFO Add a target attribute acl_test.py 79 INFO Add a user attribute acl_test.py 87 INFO Add an ACI with attribute subtype------------------------------ Captured log call -------------------------------
acl_test.py 116 INFO Search for the added attribute acl_test.py 123 INFO The added attribute was found
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[binary] 0.00
------------------------------ Captured log setup ------------------------------
acl_test.py 75 INFO ========Executing test with 'binary' subtype======== acl_test.py 76 INFO Add a target attribute acl_test.py 79 INFO Add a user attribute acl_test.py 87 INFO Add an ACI with attribute subtype------------------------------ Captured log call -------------------------------
acl_test.py 116 INFO Search for the added attribute acl_test.py 123 INFO The added attribute was found
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[phonetic] 0.00
------------------------------ Captured log setup ------------------------------
acl_test.py 75 INFO ========Executing test with 'phonetic' subtype======== acl_test.py 76 INFO Add a target attribute acl_test.py 79 INFO Add a user attribute acl_test.py 87 INFO Add an ACI with attribute subtype------------------------------ Captured log call -------------------------------
acl_test.py 116 INFO Search for the added attribute acl_test.py 123 INFO The added attribute was found
Passed suites/acl/acl_test.py::test_mode_default_add_deny 0.06
------------------------------ Captured log setup ------------------------------
acl_test.py 231 INFO ######## INITIALIZATION ######## acl_test.py 234 INFO Add uid=bind_entry,dc=example,dc=com acl_test.py 244 INFO Add cn=staged user,dc=example,dc=com acl_test.py 248 INFO Add cn=accounts,dc=example,dc=com acl_test.py 252 INFO Add cn=excepts,cn=accounts,dc=example,dc=com------------------------------ Captured log call -------------------------------
acl_test.py 284 INFO ######## mode moddn_aci : ADD (should fail) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 292 INFO Try to add cn=accounts,dc=example,dc=com acl_test.py 301 INFO Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_mode_default_delete_deny 0.05
------------------------------ Captured log call -------------------------------
acl_test.py 319 INFO ######## DELETE (should fail) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 326 INFO Try to delete cn=staged user,dc=example,dc=com acl_test.py 331 INFO Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_moddn_staging_prod[0-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (0) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[1-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (1) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[2-cn=staged user,dc=example,dc=com-cn=bad*,dc=example,dc=com-True] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (2) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com acl_test.py 398 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[3-cn=st*,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (3) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[4-cn=bad*,dc=example,dc=com-cn=accounts,dc=example,dc=com-True] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (4) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com acl_test.py 398 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[5-cn=st*,dc=example,dc=com-cn=ac*,dc=example,dc=com-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (5) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[6-None-cn=ac*,dc=example,dc=com-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (6) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[7-cn=st*,dc=example,dc=com-None-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (7) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[8-None-None-False] 0.30
------------------------------ Captured log call -------------------------------
acl_test.py 365 INFO ######## MOVE staging -> Prod (8) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 377 INFO Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 384 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 388 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 395 INFO Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod_9 1.34
------------------------------ Captured log call -------------------------------
acl_test.py 441 INFO ######## MOVE staging -> Prod (9) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 454 INFO Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 461 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 467 INFO Disable the moddn right acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 472 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 480 INFO Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 487 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 509 INFO Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 520 INFO Enable the moddn right acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 524 INFO ######## MOVE staging -> Prod (10) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 536 INFO Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 543 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 560 INFO Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 567 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 576 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 582 INFO Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_prod_staging 0.56
------------------------------ Captured log call -------------------------------
acl_test.py 611 INFO ######## MOVE staging -> Prod (11) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 624 INFO Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 631 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 635 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 641 INFO Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 656 INFO Try to move back MODDN uid=new_account11,cn=accounts,dc=example,dc=com -> uid=new_account11,cn=staged user,dc=example,dc=com acl_test.py 663 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_check_repl_M2_to_M1 1.11
------------------------------ Captured log call -------------------------------
acl_test.py 693 INFO Bind as cn=Directory Manager (M2) acl_test.py 713 INFO Update (M2) uid=new_account12,cn=staged user,dc=example,dc=com (description) acl_test.py 726 INFO Update uid=new_account12,cn=staged user,dc=example,dc=com (description) replicated on M1
Passed suites/acl/acl_test.py::test_moddn_staging_prod_except 0.31
------------------------------ Captured log call -------------------------------
acl_test.py 751 INFO ######## MOVE staging -> Prod (13) ######## acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 763 INFO Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 770 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 774 INFO ######## MOVE to and from equality filter ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 158 INFO Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 781 INFO Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 787 INFO ######## MOVE staging -> Prod/Except (14) ######## acl_test.py 793 INFO Try to MODDN uid=new_account14,cn=staged user,dc=example,dc=com -> uid=new_account14,cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 800 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 158 INFO Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_default_ger_no_moddn 0.00
------------------------------ Captured log call -------------------------------
acl_test.py 827 INFO ######## mode moddn_aci : GER no moddn ######## acl_test.py 838 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 838 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 841 INFO ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_default_ger_with_moddn 0.27
------------------------------ Captured log call -------------------------------
acl_test.py 865 INFO ######## mode moddn_aci: GER with moddn ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 883 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 883 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 886 INFO ######## entryLevelRights: b'vn' acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn1 0.11
------------------------------ Captured log call -------------------------------
acl_test.py 916 INFO ######## Disable the moddn aci mod ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 920 INFO ######## mode legacy 1: GER no moddn ######## acl_test.py 930 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 930 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 933 INFO ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn2 0.38
------------------------------ Captured log call -------------------------------
acl_test.py 959 INFO ######## Disable the moddn aci mod ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 963 INFO ######## mode legacy 2: GER no moddn ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 980 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 980 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 983 INFO ######## entryLevelRights: b'v' acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_with_moddn 0.50
------------------------------ Captured log call -------------------------------
acl_test.py 1019 INFO ######## Disable the moddn aci mod ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 1023 INFO ######## mode legacy : GER with moddn ######## acl_test.py 131 INFO Bind as cn=Directory Manager acl_test.py 137 INFO Bind as uid=bind_entry,dc=example,dc=com acl_test.py 1045 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 1045 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 1048 INFO ######## entryLevelRights: b'vn' acl_test.py 131 INFO Bind as cn=Directory Manager
Passed suites/acl/acl_test.py::test_rdn_write_get_ger 0.01
------------------------------ Captured log setup ------------------------------
acl_test.py 1059 INFO ######## Add entry tuser ########------------------------------ Captured log call -------------------------------
acl_test.py 1083 INFO ######## GER rights for anonymous ######## acl_test.py 1093 INFO dn: dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=Directory Administrators,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: ou=Groups,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: ou=People,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: ou=Special Users,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=Accounting Managers,ou=Groups,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=HR Managers,ou=Groups,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=QA Managers,ou=Groups,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=PD Managers,ou=Groups,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=replication_managers,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: ou=Services,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=server.example.com:63701,ou=Services,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=server.example.com:63702,ou=Services,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=bind_entry,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=excepts,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account0,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account1,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account2,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account3,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account4,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account5,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account6,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account7,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account8,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account9,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account10,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account11,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account12,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account13,cn=accounts,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account14,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account15,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account16,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account17,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account18,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: uid=new_account19,cn=staged user,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v' acl_test.py 1093 INFO dn: cn=tuser,dc=example,dc=com acl_test.py 1095 INFO ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_rdn_write_modrdn_anonymous 0.11
------------------------------ Captured log call -------------------------------
acl_test.py 1122 INFO dn: acl_test.py 1124 INFO ######## 'objectClass': [b'top'] acl_test.py 1124 INFO ######## 'defaultnamingcontext': [b'dc=example,dc=com'] acl_test.py 1124 INFO ######## 'dataversion': [b'020190324001830'] acl_test.py 1124 INFO ######## 'netscapemdsuffix': [b'cn=ldap://dc=server,dc=example,dc=com:39001'] acl_test.py 1129 INFO Exception (expected): INSUFFICIENT_ACCESS acl_test.py 1136 INFO The entry was not renamed (expected) acl_test.py 131 INFO Bind as cn=Directory Manager
Passed suites/acl/enhanced_aci_modrnd_test.py::test_enhanced_aci_modrnd 0.04
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. enhanced_aci_modrnd_test.py 30 INFO Add a container: ou=test_ou_1,dc=example,dc=com enhanced_aci_modrnd_test.py 37 INFO Add a container: ou=test_ou_2,dc=example,dc=com enhanced_aci_modrnd_test.py 44 INFO Add a user: cn=test_user,ou=test_ou_1,dc=example,dc=com enhanced_aci_modrnd_test.py 59 INFO Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_1,dc=example,dc=com enhanced_aci_modrnd_test.py 63 INFO Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_2,dc=example,dc=com------------------------------ Captured log call -------------------------------
enhanced_aci_modrnd_test.py 93 INFO Bind as cn=test_user,ou=test_ou_1,dc=example,dc=com enhanced_aci_modrnd_test.py 98 INFO User MODRDN operation from ou=test_ou_1,dc=example,dc=com to ou=test_ou_2,dc=example,dc=com enhanced_aci_modrnd_test.py 103 INFO Check there is no user in ou=test_ou_1,dc=example,dc=com enhanced_aci_modrnd_test.py 109 INFO Check there is our user in ou=test_ou_2,dc=example,dc=com
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_five 0.04
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_six 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seven 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eight 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_nine 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_ten 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eleven 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_twelve 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fourteen 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fifteen 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_sixteen 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seventeen 0.04
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eighteen 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_caching_changes 0.04
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_user 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_group_members 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial_two 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow_two 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_two 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_three 0.04
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_four 0.04
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_a_single_attribute 0.04
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_multiple_attibutes 0.04
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_all 0.10
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_wildcards_in_dn 0.06
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_multiple_dns 0.15
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_target_with_wildcards 0.15
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdnattr 0.10
No log output captured.
Passed suites/acl/modify_test.py::test_allow_selfwrite_access_to_anyone 0.07
No log output captured.
Passed suites/acl/modify_test.py::test_uniquemember_should_also_be_the_owner 0.12
No log output captured.
Passed suites/acl/modify_test.py::test_aci_with_both_allow_and_deny 0.12
No log output captured.
Passed suites/acl/modify_test.py::test_allow_owner_to_modify_entry 0.10
No log output captured.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_anyone 0.01
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_dynamic_group_with_scope_set_to_base_in_ldap_url 0.04
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes 0.04
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes_two 0.32
No log output captured.
Passed suites/acl/modrdn_test.py::test_access_aci_list_contains_any_deny_rule 0.07
No log output captured.
Passed suites/acl/modrdn_test.py::test_renaming_target_entry 0.07
No log output captured.
Passed suites/acl/repeated_ldap_add_test.py::test_repeated_ldap_add 32.40
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stdout call -----------------------------
uid=buser123,ou=BOU,dc=example,dc=com inactivated. ------------------------------ Captured log call -------------------------------
repeated_ldap_add_test.py 182 INFO Testing Bug 1347760 - Information disclosure via repeated use of LDAP ADD operation, etc. repeated_ldap_add_test.py 184 INFO Disabling accesslog logbuffering repeated_ldap_add_test.py 187 INFO Bind as {cn=Directory Manager,password} repeated_ldap_add_test.py 190 INFO Adding ou=BOU a bind user belongs to. repeated_ldap_add_test.py 195 INFO Adding a bind user. repeated_ldap_add_test.py 202 INFO Adding a test user. repeated_ldap_add_test.py 209 INFO Deleting aci in dc=example,dc=com. repeated_ldap_add_test.py 212 INFO While binding as DM, acquire an access log path and instance dir repeated_ldap_add_test.py 218 INFO Bind case 1. the bind user has no rights to read the entry itself, bind should be successful. repeated_ldap_add_test.py 219 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} who has no access rights. repeated_ldap_add_test.py 227 INFO Access log path: /var/log/dirsrv/slapd-standalone1/access repeated_ldap_add_test.py 230 INFO Bind case 2-1. the bind user does not exist, bind should fail with error INVALID_CREDENTIALS repeated_ldap_add_test.py 231 INFO Bind as {uid=bogus,dc=example,dc=com,bogus} who does not exist. repeated_ldap_add_test.py 235 INFO Exception (expected): INVALID_CREDENTIALS repeated_ldap_add_test.py 236 INFO Desc Invalid credentials repeated_ldap_add_test.py 244 INFO Cause found - [23/Mar/2019:20:19:24.860091785 -0400] conn=1 op=10 RESULT err=49 tag=97 nentries=0 etime=0.0001299714 - No such entry repeated_ldap_add_test.py 248 INFO Bind case 2-2. the bind user's suffix does not exist, bind should fail with error INVALID_CREDENTIALS repeated_ldap_add_test.py 249 INFO Bind as {uid=bogus,ou=people,dc=bogus,bogus} who does not exist. repeated_ldap_add_test.py 258 INFO Cause found - [23/Mar/2019:20:19:25.864499978 -0400] conn=1 op=11 RESULT err=49 tag=97 nentries=0 etime=0.0000929875 - No suffix for bind dn found repeated_ldap_add_test.py 262 INFO Bind case 2-3. the bind user's password is wrong, bind should fail with error INVALID_CREDENTIALS repeated_ldap_add_test.py 263 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} who does not exist. repeated_ldap_add_test.py 267 INFO Exception (expected): INVALID_CREDENTIALS repeated_ldap_add_test.py 268 INFO Desc Invalid credentials repeated_ldap_add_test.py 276 INFO Cause found - [23/Mar/2019:20:19:26.893890986 -0400] conn=1 op=12 RESULT err=49 tag=97 nentries=0 etime=0.0026262035 - Invalid credentials repeated_ldap_add_test.py 279 INFO Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to ou=BOU,dc=example,dc=com. repeated_ldap_add_test.py 281 INFO aci: (targetattr="*")(version 3.0; acl "buser123"; allow(all) userdn = "ldap:///uid=buser123,ou=BOU,dc=example,dc=com";) repeated_ldap_add_test.py 282 INFO Bind as {cn=Directory Manager,password} repeated_ldap_add_test.py 287 INFO Bind case 3. the bind user has the right to read the entry itself, bind should be successful. repeated_ldap_add_test.py 288 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should be ok. repeated_ldap_add_test.py 291 INFO The following operations are against the subtree the bind user uid=buser123,ou=BOU,dc=example,dc=com has no rights. repeated_ldap_add_test.py 296 INFO Search case 1. the bind user has no rights to read the search entry, it should return no search results with <class 'ldap.SUCCESS'> repeated_ldap_add_test.py 106 INFO Searching existing entry uid=tuser0,ou=people,dc=example,dc=com, which should be ok. repeated_ldap_add_test.py 139 INFO Search should return none repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 302 INFO Search case 2-1. the search entry does not exist, the search should return no search results with SUCCESS repeated_ldap_add_test.py 106 INFO Searching non-existing entry uid=bogus,dc=example,dc=com, which should be ok. repeated_ldap_add_test.py 139 INFO Search should return none repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 308 INFO Search case 2-2. the search entry does not exist, the search should return no search results with SUCCESS repeated_ldap_add_test.py 106 INFO Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should be ok. repeated_ldap_add_test.py 139 INFO Search should return none repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 315 INFO Add case 1. the bind user has no rights AND the adding entry exists, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 321 INFO Add case 2-1. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Adding non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 327 INFO Add case 2-2. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Adding non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 334 INFO Modify case 1. the bind user has no rights AND the modifying entry exists, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Modifying existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 340 INFO Modify case 2-1. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 346 INFO Modify case 2-2. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Modifying non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 353 INFO Modrdn case 1. the bind user has no rights AND the renaming entry exists, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Renaming existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 359 INFO Modrdn case 2-1. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 365 INFO Modrdn case 2-2. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Renaming non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 371 INFO Modrdn case 3. the bind user has no rights AND the node moving an entry to exists, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Moving to existing superior ou=groups,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 377 INFO Modrdn case 4-1. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 383 INFO Modrdn case 4-2. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 390 INFO Delete case 1. the bind user has no rights AND the deleting entry exists, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Deleting existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 396 INFO Delete case 2-1. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 402 INFO Delete case 2-2. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS repeated_ldap_add_test.py 106 INFO Deleting non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. repeated_ldap_add_test.py 129 INFO Exception (expected): INSUFFICIENT_ACCESS repeated_ldap_add_test.py 130 INFO Desc Insufficient access repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 405 INFO EXTRA: Check no regressions repeated_ldap_add_test.py 406 INFO Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to dc=example,dc=com. repeated_ldap_add_test.py 408 INFO Bind as {cn=Directory Manager,password} repeated_ldap_add_test.py 413 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123}. repeated_ldap_add_test.py 423 INFO Search case. the search entry does not exist, the search should fail with NO_SUCH_OBJECT repeated_ldap_add_test.py 106 INFO Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. repeated_ldap_add_test.py 129 INFO Exception (expected): NO_SUCH_OBJECT repeated_ldap_add_test.py 130 INFO Desc No such object repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 429 INFO Add case. the adding entry already exists, it should fail with ALREADY_EXISTS repeated_ldap_add_test.py 106 INFO Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with ALREADY_EXISTS. repeated_ldap_add_test.py 129 INFO Exception (expected): ALREADY_EXISTS repeated_ldap_add_test.py 130 INFO Desc Already exists repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 434 INFO Modify case. the modifying entry does not exist, it should fail with NO_SUCH_OBJECT repeated_ldap_add_test.py 106 INFO Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. repeated_ldap_add_test.py 129 INFO Exception (expected): NO_SUCH_OBJECT repeated_ldap_add_test.py 130 INFO Desc No such object repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 439 INFO Modrdn case 1. the renaming entry does not exist, it should fail with NO_SUCH_OBJECT repeated_ldap_add_test.py 106 INFO Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. repeated_ldap_add_test.py 129 INFO Exception (expected): NO_SUCH_OBJECT repeated_ldap_add_test.py 130 INFO Desc No such object repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 444 INFO Modrdn case 2. the node moving an entry to does not, it should fail with NO_SUCH_OBJECT repeated_ldap_add_test.py 106 INFO Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. repeated_ldap_add_test.py 129 INFO Exception (expected): NO_SUCH_OBJECT repeated_ldap_add_test.py 130 INFO Desc No such object repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 449 INFO Delete case. the deleting entry does not exist, it should fail with NO_SUCH_OBJECT repeated_ldap_add_test.py 106 INFO Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. repeated_ldap_add_test.py 129 INFO Exception (expected): NO_SUCH_OBJECT repeated_ldap_add_test.py 130 INFO Desc No such object repeated_ldap_add_test.py 146 INFO PASSED repeated_ldap_add_test.py 452 INFO Inactivate uid=buser123,ou=BOU,dc=example,dc=com repeated_ldap_add_test.py 459 INFO ['/usr/sbin/ns-inactivate.pl', '-Z', 'standalone1', '-D', 'cn=Directory Manager', '-w', 'password', '-I', 'uid=buser123,ou=BOU,dc=example,dc=com'] repeated_ldap_add_test.py 463 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should fail with UNWILLING_TO_PERFORM. repeated_ldap_add_test.py 467 INFO Exception (expected): UNWILLING_TO_PERFORM repeated_ldap_add_test.py 468 INFO Desc Server is unwilling to perform repeated_ldap_add_test.py 471 INFO Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} which should fail with UNWILLING_TO_PERFORM. repeated_ldap_add_test.py 475 INFO Exception (expected): UNWILLING_TO_PERFORM repeated_ldap_add_test.py 476 INFO Desc Server is unwilling to perform repeated_ldap_add_test.py 479 INFO SUCCESS
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_non_leaf 0.21
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_non_leaf 0.20
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_leaf 0.20
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search 0.17
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search_two 0.19
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search 0.16
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search_two 0.20
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_boolean_or_of_two_equality_search 0.05
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_to__userdn_two 0.18
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_userdn 0.18
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_presence_search 0.07
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url 0.15
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_two 0.15
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_matching_all_users 0.19
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_a_dynamic_group 0.15
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_host_port_set_on_ldap_url 0.10
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_scope_set_to_one_in_ldap_url 0.13
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_two 0.19
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_access_to_group_should_deny_access_to_all_uniquemember 0.17
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_entry_with_lots_100_attributes 3.53
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_groupdnattr_value_is_another_group 0.07
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_target_set 0.15
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_a_target_with_wild_card 0.18
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_without_a_target_set 0.21
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_search_and_compare_access_with_target_and_targetattr_set 0.18
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_access_to_multiple_groupdns 0.23
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_userdnattr 0.22
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__target_set 0.19
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__targetattr_set 0.27
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_targetattr_set 0.15
No log output captured.
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_add 0.24
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. selfdn_permissions_test.py 57 INFO Add OCticket47653 that allows 'member' attribute selfdn_permissions_test.py 62 INFO Add cn=bind_entry, dc=example,dc=com------------------------------ Captured log call -------------------------------
selfdn_permissions_test.py 105 INFO ######################### ADD ###################### selfdn_permissions_test.py 108 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 138 INFO Try to add Add cn=test_entry, dc=example,dc=com (aci is missing): dn: cn=test_entry, dc=example,dc=com cn: test_entry member: cn=bind_entry, dc=example,dc=com objectclass: top objectclass: person objectclass: OCticket47653 postalAddress: here postalCode: 1234 sn: test_entry selfdn_permissions_test.py 142 INFO Exception (expected): INSUFFICIENT_ACCESS selfdn_permissions_test.py 146 INFO Bind as cn=Directory Manager and add the ADD SELFDN aci selfdn_permissions_test.py 158 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 163 INFO Try to add Add cn=test_entry, dc=example,dc=com (member is missing) selfdn_permissions_test.py 171 INFO Exception (expected): INSUFFICIENT_ACCESS selfdn_permissions_test.py 177 INFO Try to add Add cn=test_entry, dc=example,dc=com (with several member values) selfdn_permissions_test.py 180 INFO Exception (expected): INSUFFICIENT_ACCESS selfdn_permissions_test.py 183 INFO Try to add Add cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_search 0.20
------------------------------ Captured log call -------------------------------
selfdn_permissions_test.py 204 INFO ######################### SEARCH ###################### selfdn_permissions_test.py 206 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 210 INFO Try to search cn=test_entry, dc=example,dc=com (aci is missing) selfdn_permissions_test.py 215 INFO Bind as cn=Directory Manager and add the READ/SEARCH SELFDN aci selfdn_permissions_test.py 228 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 232 INFO Try to search cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_modify 0.23
------------------------------ Captured log call -------------------------------
selfdn_permissions_test.py 255 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 258 INFO ######################### MODIFY ###################### selfdn_permissions_test.py 262 INFO Try to modify cn=test_entry, dc=example,dc=com (aci is missing) selfdn_permissions_test.py 266 INFO Exception (expected): INSUFFICIENT_ACCESS selfdn_permissions_test.py 270 INFO Bind as cn=Directory Manager and add the WRITE SELFDN aci selfdn_permissions_test.py 283 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 287 INFO Try to modify cn=test_entry, dc=example,dc=com. It should succeeds
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_delete 0.19
------------------------------ Captured log call -------------------------------
selfdn_permissions_test.py 312 INFO ######################### DELETE ###################### selfdn_permissions_test.py 315 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 320 INFO Try to delete cn=test_entry, dc=example,dc=com (aci is missing) selfdn_permissions_test.py 323 INFO Exception (expected): INSUFFICIENT_ACCESS selfdn_permissions_test.py 327 INFO Bind as cn=Directory Manager and add the READ/SEARCH SELFDN aci selfdn_permissions_test.py 339 INFO Bind as cn=bind_entry, dc=example,dc=com selfdn_permissions_test.py 343 INFO Try to delete cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/valueacl_part2_test.py::test_we_can_search_as_expected 0.01
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/valueacl_part2_test.py::test_we_can_mod_title_as_expected 0.04
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_modify_with_multiple_filters 0.03
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_denied_by_multiple_filters 0.04
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_allowed_add_one_attribute 0.03
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_cannot_add_an_entry_with_attribute_values_we_are_not_allowed_add 0.04
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_on_modrdn 0.03
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_on_modrdn_allow 0.04
No log output captured.
Passed suites/acl/valueacl_part2_test.py::test_targattrfilters_keyword 0.08
No log output captured.
Passed suites/acl/valueacl_test.py::test_delete_an_attribute_value_we_are_not_allowed_to_delete 0.04
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/valueacl_test.py::test_donot_allow_write_access_to_title_if_value_is_not_architect 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_delete_an_attribute_value_we_are_allowed_to_delete 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_delete_an_attribute_value_we_are_not_allowed_to_deleted 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_allow_modify_replace 0.05
No log output captured.
Passed suites/acl/valueacl_test.py::test_allow_modify_delete 0.07
No log output captured.
Passed suites/acl/valueacl_test.py::test_replace_an_attribute_if_we_lack 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_remove_an_attribute_if_we_have_del_rights_to_all_attr_value 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_remove_an_attribute_if_we_donot_have_del_rights_to_all_attr_value 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_remove_an_attribute_if_we_have_del_rights_to_all_attr_values 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_cantnot_delete_an_entry_with_attribute_values_we_are_not_allowed_delete 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_we_can_add_and_delete_an_entry_with_attribute_values_we_are_allowed_add_and_delete 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_allow_title 0.05
No log output captured.
Passed suites/acl/valueacl_test.py::test_allow_to_modify 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_selfwrite_does_not_confer_write_on_a_targattrfilters_atribute 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_selfwrite_continues_to_give_rights_to_attr_in_targetattr_list 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_add_an_attribute_value_we_are_allowed_to_add_with_ldapanyone 0.03
No log output captured.
Passed suites/acl/valueacl_test.py::test_hierarchy 0.04
No log output captured.
Passed suites/acl/valueacl_test.py::test_targattrfilters_and_search_permissions_and_that_ldapmodify_works_as_expected 0.03
No log output captured.
Passed suites/acl/valueacl_test.py::test_targattrfilters_and_search_permissions_and_that_ldapmodify_works_as_expected_two 0.01
No log output captured.
Passed suites/automember_plugin/automember_mod_test.py::test_mods 6.34
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
automember_mod_test.py 134 INFO Test PASSED
Passed suites/automember_plugin/automember_test.py::test_automemberscope 0.00
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/automember_plugin/automember_test.py::test_automemberfilter 0.01
No log output captured.
Passed suites/automember_plugin/automember_test.py::test_adduser 0.01
No log output captured.
Passed suites/automember_plugin/automember_test.py::test_delete_default_group 2.21
No log output captured.
Passed suites/automember_plugin/automember_test.py::test_delete_target_group 2.22
No log output captured.
Passed suites/basic/basic_test.py::test_basic_ops 0.11
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/basic/basic_test.py::test_basic_import_export 35.29
----------------------------- Captured stderr call -----------------------------
ldiffile: /var/lib/dirsrv/slapd-standalone1/ldif/export.ldif
Passed suites/basic/basic_test.py::test_basic_backup 7.53
------------------------------ Captured log call -------------------------------
tasks.py 558 INFO Backup task backup_03232019_202156 completed successfully tasks.py 612 INFO Restore task restore_03232019_202158 completed successfully
Passed suites/basic/basic_test.py::test_basic_db2index 2.61
----------------------------- Captured stderr call -----------------------------
[23/Mar/2019:20:22:03.951381370 -0400] - INFO - ldbm_instance_config_cachememsize_set - force a minimal value 512000 [23/Mar/2019:20:22:03.955178269 -0400] - INFO - check_and_set_import_cache - pagesize: 4096, available bytes 7778754560, process usage 22700032 [23/Mar/2019:20:22:03.955727642 -0400] - INFO - check_and_set_import_cache - Import allocates 3038576KB import cache. [23/Mar/2019:20:22:03.956646470 -0400] - INFO - dblayer_copy_directory - Backing up file 0 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/telephoneNumber.db) [23/Mar/2019:20:22:03.957226829 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/telephoneNumber.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/telephoneNumber.db [23/Mar/2019:20:22:03.957858776 -0400] - INFO - dblayer_copy_directory - Backing up file 1 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/cn.db) [23/Mar/2019:20:22:03.958526780 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/cn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/cn.db [23/Mar/2019:20:22:03.959074938 -0400] - INFO - dblayer_copy_directory - Backing up file 2 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/mail.db) [23/Mar/2019:20:22:03.959608404 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/mail.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/mail.db [23/Mar/2019:20:22:03.960606706 -0400] - INFO - dblayer_copy_directory - Backing up file 3 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/givenName.db) [23/Mar/2019:20:22:03.961134054 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/givenName.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/givenName.db [23/Mar/2019:20:22:03.961546984 -0400] - INFO - dblayer_copy_directory - Backing up file 4 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/ancestorid.db) [23/Mar/2019:20:22:03.961955919 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/ancestorid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/ancestorid.db [23/Mar/2019:20:22:03.962339961 -0400] - INFO - dblayer_copy_directory - Backing up file 5 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/numsubordinates.db) [23/Mar/2019:20:22:03.962851270 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/numsubordinates.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/numsubordinates.db [23/Mar/2019:20:22:03.963293690 -0400] - INFO - dblayer_copy_directory - Backing up file 6 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/nsuniqueid.db) [23/Mar/2019:20:22:03.963730129 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/nsuniqueid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/nsuniqueid.db [23/Mar/2019:20:22:03.964163967 -0400] - INFO - dblayer_copy_directory - Backing up file 7 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/entryrdn.db) [23/Mar/2019:20:22:03.964591604 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/entryrdn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/entryrdn.db [23/Mar/2019:20:22:03.965085192 -0400] - INFO - dblayer_copy_directory - Backing up file 8 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/aci.db) [23/Mar/2019:20:22:03.965517530 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/aci.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/aci.db [23/Mar/2019:20:22:03.965998411 -0400] - INFO - dblayer_copy_directory - Backing up file 9 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/uniquemember.db) [23/Mar/2019:20:22:03.966363242 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/uniquemember.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/uniquemember.db [23/Mar/2019:20:22:03.966771688 -0400] - INFO - dblayer_copy_directory - Backing up file 10 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/sn.db) [23/Mar/2019:20:22:03.967212131 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/sn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/sn.db [23/Mar/2019:20:22:03.967654361 -0400] - INFO - dblayer_copy_directory - Backing up file 11 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/DBVERSION) [23/Mar/2019:20:22:03.968083296 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/DBVERSION to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/DBVERSION [23/Mar/2019:20:22:03.968487656 -0400] - INFO - dblayer_copy_directory - Backing up file 12 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/objectclass.db) [23/Mar/2019:20:22:03.968927049 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/objectclass.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/objectclass.db [23/Mar/2019:20:22:03.969610898 -0400] - INFO - dblayer_copy_directory - Backing up file 13 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/parentid.db) [23/Mar/2019:20:22:03.970195928 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/parentid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/parentid.db [23/Mar/2019:20:22:03.970607764 -0400] - INFO - dblayer_copy_directory - Backing up file 14 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/entryusn.db) [23/Mar/2019:20:22:03.971184087 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/entryusn.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/entryusn.db [23/Mar/2019:20:22:03.971744805 -0400] - INFO - dblayer_copy_directory - Backing up file 15 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/uid.db) [23/Mar/2019:20:22:03.972217838 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/uid.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/uid.db [23/Mar/2019:20:22:03.972733287 -0400] - INFO - dblayer_copy_directory - Backing up file 16 (/var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/id2entry.db) [23/Mar/2019:20:22:03.973198818 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/userRoot/id2entry.db to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/userRoot/id2entry.db [23/Mar/2019:20:22:03.973998075 -0400] - INFO - upgradedb_core - userRoot: Start upgradedb. [23/Mar/2019:20:22:03.974692047 -0400] - INFO - dblayer_instance_start - Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [23/Mar/2019:20:22:04.091807161 -0400] - INFO - import_main_offline - reindex userRoot: Index buffering enabled with bucket size 100 [23/Mar/2019:20:22:04.794048556 -0400] - INFO - import_monitor_threads - reindex userRoot: Workers finished; cleaning up... [23/Mar/2019:20:22:04.994990981 -0400] - INFO - import_monitor_threads - reindex userRoot: Workers cleaned up. [23/Mar/2019:20:22:04.995734357 -0400] - INFO - import_main_offline - reindex userRoot: Cleaning up producer thread... [23/Mar/2019:20:22:04.996377440 -0400] - INFO - import_main_offline - reindex userRoot: Indexing complete. Post-processing... [23/Mar/2019:20:22:04.996846927 -0400] - INFO - import_main_offline - reindex userRoot: Generating numsubordinates (this may take several minutes to complete)... [23/Mar/2019:20:22:04.997390151 -0400] - INFO - import_main_offline - reindex userRoot: Generating numSubordinates complete. [23/Mar/2019:20:22:04.997910734 -0400] - INFO - ldbm_get_nonleaf_ids - reindex userRoot: Gathering ancestorid non-leaf IDs... [23/Mar/2019:20:22:04.998381428 -0400] - INFO - ldbm_get_nonleaf_ids - reindex userRoot: Finished gathering ancestorid non-leaf IDs. [23/Mar/2019:20:22:04.999561986 -0400] - INFO - ldbm_ancestorid_new_idl_create_index - reindex userRoot: Creating ancestorid index (new idl)... [23/Mar/2019:20:22:05.000483698 -0400] - INFO - ldbm_ancestorid_new_idl_create_index - reindex userRoot: Created ancestorid index (new idl). [23/Mar/2019:20:22:05.001036358 -0400] - INFO - import_main_offline - reindex userRoot: Flushing caches... [23/Mar/2019:20:22:05.001409026 -0400] - INFO - import_main_offline - reindex userRoot: Closing files... [23/Mar/2019:20:22:05.029155962 -0400] - INFO - dblayer_pre_close - All database threads now stopped [23/Mar/2019:20:22:05.030030262 -0400] - INFO - import_main_offline - reindex userRoot: Reindexing complete. Processed 160 entries in 1 seconds. (160.00 entries/sec) [23/Mar/2019:20:22:05.031374823 -0400] - INFO - dblayer_copyfile - Copying /var/lib/dirsrv/slapd-standalone1/db/log.0000000001 to /var/lib/dirsrv/slapd-standalone1/bak/reindex_2019-03-23T20:22:03.844271/log.0000000001 [23/Mar/2019:20:22:05.040057368 -0400] - WARN - dblayer_get_home_dir - Db home directory is not set. Possibly nsslapd-directory (optionally nsslapd-db-home-directory) is missing in the config file. [23/Mar/2019:20:22:05.040718684 -0400] - ERR - dblayer_copyfile - Failed to open source file (null)/DBVERSION by "No such file or directory" [23/Mar/2019:20:22:05.041216886 -0400] - INFO - dblayer_pre_close - All database threads now stopped [23/Mar/2019:20:22:05.166853151 -0400] - INFO - slapd_exemode_db2index - Backend Instance: userRoot [23/Mar/2019:20:22:05.168537561 -0400] - INFO - ldbm_instance_config_cachememsize_set - force a minimal value 512000 [23/Mar/2019:20:22:05.172459578 -0400] - INFO - dblayer_instance_start - Import is running with nsslapd-db-private-import-mem on; No other process is allowed to access the database [23/Mar/2019:20:22:05.173152166 -0400] - INFO - check_and_set_import_cache - pagesize: 4096, available bytes 7779233792, process usage 22675456 [23/Mar/2019:20:22:05.173605529 -0400] - INFO - check_and_set_import_cache - Import allocates 3038763KB import cache. [23/Mar/2019:20:22:05.291185140 -0400] - INFO - ldbm_back_ldbm2index - userRoot: Indexing attribute: uid [23/Mar/2019:20:22:05.298241747 -0400] - INFO - ldbm_back_ldbm2index - userRoot: Finished indexing. [23/Mar/2019:20:22:05.310035580 -0400] - INFO - dblayer_pre_close - All database threads now stopped
Passed suites/basic/basic_test.py::test_basic_acl 0.24
No log output captured.
Passed suites/basic/basic_test.py::test_basic_searches 0.11
No log output captured.
Passed suites/basic/basic_test.py::test_basic_referrals 2.18
No log output captured.
Passed suites/basic/basic_test.py::test_basic_systemctl 7.34
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because the control process exited with error code. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.
Passed suites/basic/basic_test.py::test_basic_ldapagent 5.02
No log output captured.
Passed suites/basic/basic_test.py::test_basic_dse_survives_kill9 11.16
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[namingContexts] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[supportedLDAPVersion] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[supportedControl] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[supportedExtension] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[supportedSASLMechanisms] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[vendorName] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_def_rootdse_attr[vendorVersion] 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[namingContexts] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[supportedLDAPVersion] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[supportedControl] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[supportedExtension] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[supportedSASLMechanisms] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[vendorName] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_mod_def_rootdse_attr[vendorVersion] 0.00
No log output captured.
Passed suites/basic/basic_test.py::test_basic_anonymous_search 0.03
No log output captured.
Passed suites/basic/basic_test.py::test_search_original_type 0.02
No log output captured.
Passed suites/basic/basic_test.py::test_search_ou 0.01
No log output captured.
Passed suites/basic/basic_test.py::test_connection_buffer_size 0.02
No log output captured.
Passed suites/basic/basic_test.py::test_critical_msg_on_empty_range_idl 3.72
No log output captured.
Passed suites/basic/basic_test.py::test_ticketldbm_audit 0.03
No log output captured.
Passed suites/betxns/betxn_test.py::test_betxt_7bit 2.18
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
betxn_test.py 48 INFO Running test_betxt_7bit... betxn_test.py 74 INFO test_betxt_7bit: PASSED
Passed suites/betxns/betxn_test.py::test_betxn_attr_uniqueness 2.19
------------------------------ Captured log call -------------------------------
betxn_test.py 125 INFO test_betxn_attr_uniqueness: PASSED
Passed suites/betxns/betxn_test.py::test_betxn_memberof 2.18
------------------------------ Captured log call -------------------------------
betxn_test.py 171 INFO test_betxn_memberof: PASSED
Passed suites/betxns/betxn_test.py::test_betxn_modrdn_memberof_cache_corruption 2.45
------------------------------ Captured log call -------------------------------
betxn_test.py 225 INFO test_betxn_modrdn_memberof: PASSED
Passed suites/betxns/betxn_test.py::test_ri_and_mep_cache_corruption 0.07
------------------------------ Captured log call -------------------------------
betxn_test.py 335 INFO Test PASSED
Passed suites/clu/clu_test.py::test_clu_pwdhash 0.03
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
clu_test.py 38 INFO Running test_clu_pwdhash... clu_test.py 52 INFO pwdhash generated: {SSHA}xTKsT+oUkxYSwQHlguI8j9idm2Up3gW4MIn6Xg== clu_test.py 53 INFO test_clu_pwdhash: PASSED
Passed suites/clu/clu_test.py::test_clu_pwdhash_mod 0.05
------------------------------ Captured log call -------------------------------
clu_test.py 76 INFO Running test_clu_pwdhash_mod... clu_test.py 85 INFO pwdhash generated: {SSHA256}cTjhUuviJXwXej+WxEVGTSNWJk6oxL68/lTW6n5u/G3+2POwdit4nw== clu_test.py 86 INFO returned the hashed string using the algorithm set in nsslapd-rootpwstoragescheme
Passed suites/config/autotuning_test.py::test_threads_basic 0.01
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
autotuning_test.py 37 INFO Set nsslapd-threadnumber: -1 to enable autotuning autotuning_test.py 40 INFO Assert nsslapd-threadnumber is equal to the documented expected value
Passed suites/config/autotuning_test.py::test_threads_invalid_value[-2] 0.00
------------------------------ Captured log call -------------------------------
autotuning_test.py 56 INFO Set nsslapd-threadnumber: -2. Operation should fail
Passed suites/config/autotuning_test.py::test_threads_invalid_value[0] 0.00
------------------------------ Captured log call -------------------------------
autotuning_test.py 56 INFO Set nsslapd-threadnumber: 0. Operation should fail
Passed suites/config/autotuning_test.py::test_threads_invalid_value[invalid] 0.00
------------------------------ Captured log call -------------------------------
autotuning_test.py 56 INFO Set nsslapd-threadnumber: invalid. Operation should fail
Passed suites/config/autotuning_test.py::test_threads_back_from_manual_value 0.03
------------------------------ Captured log call -------------------------------
autotuning_test.py 78 INFO Set nsslapd-threadnumber: -1 to enable autotuning and save the new value autotuning_test.py 82 INFO Set nsslapd-threadnumber to the autotuned value decreased by 2 autotuning_test.py 87 INFO Set nsslapd-threadnumber: -1 to enable autotuning autotuning_test.py 90 INFO Assert nsslapd-threadnumber is back to the autotuned value
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[-] 2.21
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 132 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 141 INFO Delete nsslapd-cache-autosize autotuning_test.py 151 INFO Delete nsslapd-cache-autosize-split autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 173 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'25'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[-0] 2.17
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 132 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 141 INFO Delete nsslapd-cache-autosize autotuning_test.py 148 INFO Set nsslapd-cache-autosize-split to 0 autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 173 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'0'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[10-400] 2.17
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 132 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'0' autotuning_test.py 138 INFO Set nsslapd-cache-autosize to 10 autotuning_test.py 148 INFO Set nsslapd-cache-autosize-split to 40 autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 173 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'40'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[-40] 2.19
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 132 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'40' autotuning_test.py 141 INFO Delete nsslapd-cache-autosize autotuning_test.py 148 INFO Set nsslapd-cache-autosize-split to 40 autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 173 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'40'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[10-] 2.16
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 132 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'40' autotuning_test.py 138 INFO Set nsslapd-cache-autosize to 10 autotuning_test.py 151 INFO Delete nsslapd-cache-autosize-split autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 173 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'25'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[10-401] 2.18
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 132 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 138 INFO Set nsslapd-cache-autosize to 10 autotuning_test.py 148 INFO Set nsslapd-cache-autosize-split to 40 autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 173 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'40'
Passed suites/config/autotuning_test.py::test_cache_autosize_non_zero[10-0] 2.43
------------------------------ Captured log call -------------------------------
autotuning_test.py 130 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 131 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 132 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 133 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 134 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 135 INFO nsslapd-cache-autosize-split == b'40' autotuning_test.py 138 INFO Set nsslapd-cache-autosize to 10 autotuning_test.py 148 INFO Set nsslapd-cache-autosize-split to 0 autotuning_test.py 157 INFO Trying to set nsslapd-cachememsize to 33333333 autotuning_test.py 160 INFO Trying to set nsslapd-dbcachesize to 33333333 autotuning_test.py 171 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 172 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 173 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 174 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 175 INFO nsslapd-cache-autosize == b'10' autotuning_test.py 176 INFO nsslapd-cache-autosize-split == b'0'
Passed suites/config/autotuning_test.py::test_cache_autosize_basic_sane[0] 4.32
------------------------------ Captured log call -------------------------------
autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 222 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'0' autotuning_test.py 227 INFO Set nsslapd-cache-autosize-split to 0 autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 0 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 0 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 250 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'0' autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 222 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'0' autotuning_test.py 227 INFO Set nsslapd-cache-autosize-split to 0 autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 33333333 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 33333333 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'33333333' autotuning_test.py 250 INFO nsslapd-cachememsize == b'33333333' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'0'
Passed suites/config/autotuning_test.py::test_cache_autosize_basic_sane[] 4.34
------------------------------ Captured log call -------------------------------
autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'33333333' autotuning_test.py 222 INFO nsslapd-cachememsize == b'33333333' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'0' autotuning_test.py 230 INFO Delete nsslapd-cache-autosize-split autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 0 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 0 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 250 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'167228211' autotuning_test.py 222 INFO nsslapd-cachememsize == b'603979776' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 230 INFO Delete nsslapd-cache-autosize-split autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 33333333 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 33333333 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'33333333' autotuning_test.py 250 INFO nsslapd-cachememsize == b'33333333' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'25'
Passed suites/config/autotuning_test.py::test_cache_autosize_basic_sane[40] 4.33
------------------------------ Captured log call -------------------------------
autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'33333333' autotuning_test.py 222 INFO nsslapd-cachememsize == b'33333333' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'25' autotuning_test.py 227 INFO Set nsslapd-cache-autosize-split to 40 autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 0 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 0 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 250 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'40' autotuning_test.py 220 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize before the test autotuning_test.py 221 INFO nsslapd-dbcachesize == b'267565137' autotuning_test.py 222 INFO nsslapd-cachememsize == b'469762048' autotuning_test.py 223 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 224 INFO nsslapd-cache-autosize-split == b'40' autotuning_test.py 227 INFO Set nsslapd-cache-autosize-split to 40 autotuning_test.py 236 INFO Set nsslapd-dbcachesize to 33333333 autotuning_test.py 238 INFO Set nsslapd-cachememsize to 33333333 autotuning_test.py 248 INFO Check nsslapd-dbcachesize and nsslapd-cachememsize in the appropriate range. autotuning_test.py 249 INFO nsslapd-dbcachesize == b'33333333' autotuning_test.py 250 INFO nsslapd-cachememsize == b'33333333' autotuning_test.py 251 INFO nsslapd-dncachememsize == b'67108864' autotuning_test.py 252 INFO nsslapd-cache-autosize == b'0' autotuning_test.py 253 INFO nsslapd-cache-autosize-split == b'40'
Passed suites/config/autotuning_test.py::test_cache_autosize_invalid_values[-2] 0.01
------------------------------ Captured log call -------------------------------
autotuning_test.py 281 INFO Set nsslapd-cache-autosize-split to -2 autotuning_test.py 287 INFO Set nsslapd-cache-autosize to -2
Passed suites/config/autotuning_test.py::test_cache_autosize_invalid_values[102] 0.01
------------------------------ Captured log call -------------------------------
autotuning_test.py 281 INFO Set nsslapd-cache-autosize-split to 102 autotuning_test.py 287 INFO Set nsslapd-cache-autosize to 102
Passed suites/config/autotuning_test.py::test_cache_autosize_invalid_values[invalid] 0.01
------------------------------ Captured log call -------------------------------
autotuning_test.py 281 INFO Set nsslapd-cache-autosize-split to invalid autotuning_test.py 287 INFO Set nsslapd-cache-autosize to invalid
Passed suites/config/regression_test.py::test_maxbersize_repl 2.32
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
regression_test.py 98 INFO Set nsslapd-errorlog-maxlogsize before nsslapd-errorlog-logmaxdiskspace regression_test.py 102 INFO Assert no init_dse_file errors in the error log regression_test.py 106 INFO Set nsslapd-errorlog-maxlogsize after nsslapd-errorlog-logmaxdiskspace regression_test.py 110 INFO Assert no init_dse_file errors in the error log
Passed suites/config/removed_config_49298_test.py::test_restore_config 1.14
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
removed_config_49298_test.py 41 INFO /etc/dirsrv/slapd-standalone1
Passed suites/config/removed_config_49298_test.py::test_removed_config 0.05
----------------------------- Captured stderr call -----------------------------
Job for dirsrv@standalone1.service failed because the control process exited with error code. See "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details. ------------------------------ Captured log call -------------------------------
removed_config_49298_test.py 70 INFO /etc/dirsrv/slapd-standalone1
Passed suites/cos/cos_test.py::test_positive 0.02
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/cos/indirect_cos_test.py::test_indirect_cos 1.32
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. indirect_cos_test.py 106 INFO Add custom schema... indirect_cos_test.py 119 INFO Add test user... indirect_cos_test.py 136 INFO Setup indirect COS...------------------------------ Captured log call -------------------------------
indirect_cos_test.py 156 INFO Checking user... indirect_cos_test.py 55 INFO Create password policy for subtree ou=people,dc=example,dc=com indirect_cos_test.py 163 INFO Checking user...
Passed suites/disk_monitoring/disk_monitoring_test.py::test_verify_operation_when_disk_monitoring_is_off 2.20
---------------------------- Captured stdout setup -----------------------------
Relabeled /var/log/dirsrv/slapd-standalone1 from unconfined_u:object_r:user_tmp_t:s0 to system_u:object_r:dirsrv_var_log_t:s0 ---------------------------- Captured stderr setup -----------------------------
chown: cannot access '/var/log/dirsrv/slapd-standalone1/*': No such file or directory ------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.----------------------------- Captured stderr call -----------------------------
25+0 records in 25+0 records out 26214400 bytes (26 MB, 25 MiB) copied, 0.0109632 s, 2.4 GB/s dd: error writing '/var/log/dirsrv/slapd-standalone1/foo1': No space left on device 10+0 records in 9+0 records out 10465280 bytes (10 MB, 10 MiB) copied, 0.00453133 s, 2.3 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_free_up_the_disk_space_and_change_ds_config 2.15
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_verify_operation_with_nsslapd_disk_monitoring_logging_critical_off 32.25
----------------------------- Captured stderr call -----------------------------
10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0.00468023 s, 2.2 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_operation_with_nsslapd_disk_monitoring_logging_critical_on_below_half_of_the_threshold 23.20
----------------------------- Captured stderr call -----------------------------
31+0 records in 31+0 records out 32505856 bytes (33 MB, 31 MiB) copied, 0.0134816 s, 2.4 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_setting_nsslapd_disk_monitoring_logging_critical_to_off 2.18
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_operation_with_nsslapd_disk_monitoring_logging_critical_off 69.59
----------------------------- Captured stderr call -----------------------------
10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0.00464544 s, 2.3 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_operation_with_nsslapd_disk_monitoring_logging_critical_off_below_half_of_the_threshold 147.09
----------------------------- Captured stderr call -----------------------------
30+0 records in 30+0 records out 31457280 bytes (31 MB, 30 MiB) copied, 0.0131997 s, 2.4 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_go_straight_below_half_of_the_threshold 105.74
----------------------------- Captured stderr call -----------------------------
31+0 records in 31+0 records out 32505856 bytes (33 MB, 31 MiB) copied, 0.01346 s, 2.4 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_go_straight_below_4kb 15.60
----------------------------- Captured stderr call -----------------------------
25+0 records in 25+0 records out 26214400 bytes (26 MB, 25 MiB) copied, 0.0112781 s, 2.3 GB/s dd: error writing '/var/log/dirsrv/slapd-standalone1/foo1': No space left on device 10+0 records in 9+0 records out 10371072 bytes (10 MB, 9.9 MiB) copied, 0.00457153 s, 2.3 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_threshold_to_overflow_value 0.02
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_threshold_is_reached_to_half 12.20
----------------------------- Captured stderr call -----------------------------
10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0.00467055 s, 2.2 GB/s
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold--2] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold-9223372036854775808] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold-2047] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold-0] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold--1294967296] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-threshold-invalid] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-invalid] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-1] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-grace-period-00] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-grace-period-525 948] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-grace-period--10] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-logging-critical-oninvalid] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-grace-period--11] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_negagtive_parameterize[nsslapd-disk-monitoring-grace-period-01] 0.00
No log output captured.
Passed suites/disk_monitoring/disk_monitoring_test.py::test_valid_operations_are_permitted 2.25
No log output captured.
Passed suites/ds_logs/ds_logs_test.py::test_check_default 0.00
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
ds_logs_test.py 158 DEBUG on
Passed suites/ds_logs/ds_logs_test.py::test_plugin_set_invalid 0.00
------------------------------ Captured log call -------------------------------
ds_logs_test.py 177 INFO test_plugin_set_invalid - Expect to fail with junk value
Passed suites/ds_logs/regression_test.py::test_default_loglevel_stripped[24576] 0.01
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/ds_logs/regression_test.py::test_default_loglevel_stripped[16512] 0.01
No log output captured.
Passed suites/ds_logs/regression_test.py::test_default_loglevel_stripped[16385] 0.16
No log output captured.
Passed suites/ds_logs/regression_test.py::test_dse_config_loglevel_error 1.18
No log output captured.
Passed suites/ds_tools/logpipe_test.py::test_user_permissions 0.03
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. logpipe_test.py 30 INFO Add system test user - dirsrv_testuser------------------------------ Captured log call -------------------------------
logpipe_test.py 66 INFO Try to create a logpipe in the log directory with "-u" option specifying the user
Passed suites/dynamic_plugins/dynamic_plugins_test.py::test_acceptance 35.28
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. topologies.py 106 INFO Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. topologies.py 139 INFO Creating replication topology. topologies.py 153 INFO Joining master master2 to master1 ... replica.py 1514 INFO SUCCESS: bootstrap to ldap://server.example.com:39002 completed replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 is was created replica.py 1795 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 is was created replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working replica.py 1583 INFO SUCCESS: joined master from ldap://server.example.com:39001 to ldap://server.example.com:39002 topologies.py 161 INFO Ensuring master master1 to master2 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39001 to ldap://server.example.com:39002 already exists topologies.py 161 INFO Ensuring master master2 to master1 ... replica.py 1768 INFO SUCCESS: Agreement from ldap://server.example.com:39002 to ldap://server.example.com:39001 already exists------------------------------ Captured log call -------------------------------
replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working
Passed suites/dynamic_plugins/dynamic_plugins_test.py::test_memory_corruption 37.36
------------------------------ Captured log call -------------------------------
replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working
Passed suites/dynamic_plugins/dynamic_plugins_test.py::test_stress 311.31
------------------------------ Captured log call -------------------------------
replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39001 to ldap://server.example.com:39002 is working replica.py 1926 INFO SUCCESS: Replication from ldap://server.example.com:39002 to ldap://server.example.com:39001 is working
Passed suites/filter/basic_filter_test.py::test_search_attr 0.03
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(sn=last1)(givenname=first1))-1] 0.00
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(sn=last1)(givenname=first1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(sn=last1)(givenname=first1)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(sn=last1)(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(&(sn=last1))(&(givenname=first1))))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(&(sn=last1))(&(givenname=first1))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=*)(sn=last3)(givenname=*))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=*)(sn=last3)(givenname=*))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=*)(&(sn=last3)(givenname=*)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=*)(&(sn=last3)(givenname=*)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid5)(&(&(sn=*))(&(givenname=*))))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid5)(&(&(sn=*))(&(givenname=*))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(objectclass=*)(uid=*)(sn=last*))-5] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(objectclass=*)(uid=*)(sn=last*))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(objectclass=*)(uid=*)(sn=last1))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(objectclass=*)(uid=*)(sn=last1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=uid1)(sn=last1)(givenname=first1))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=uid1)(sn=last1)(givenname=first1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=uid1)(|(sn=last1)(givenname=first1)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=uid1)(|(sn=last1)(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=uid1)(|(|(sn=last1))(|(givenname=first1))))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=uid1)(|(|(sn=last1))(|(givenname=first1))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(objectclass=*)(sn=last1)(|(givenname=first1)))-14] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(objectclass=*)(sn=last1)(|(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(objectclass=*)(sn=last1))(|(givenname=first1)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(objectclass=*)(sn=last1))(|(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(objectclass=*)(sn=last))(|(givenname=first1)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(objectclass=*)(sn=last))(|(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(!(cn=NULL)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(!(cn=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(!(cn=NULL))(uid=uid1))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(!(cn=NULL))(uid=uid1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=*)(&(!(uid=1))(!(givenname=first1))))-4] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=*)(&(!(uid=1))(!(givenname=first1))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(|(uid=uid1)(uid=NULL))(sn=last1))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(|(uid=uid1)(uid=NULL))(sn=last1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(|(uid=uid1)(uid=NULL))(!(sn=NULL)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(|(uid=uid1)(uid=NULL))(!(sn=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(|(uid=uid1)(sn=last2))(givenname=first1))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(|(uid=uid1)(sn=last2))(givenname=first1))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(uid=uid1)(!(uid=NULL)))(sn=last2))-2] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(uid=uid1)(!(uid=NULL)))(sn=last2))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(uid=uid1)(uid=NULL))(sn=last2))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(uid=uid1)(uid=NULL))(sn=last2))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid5)(sn=*)(cn=*)(givenname=*)(uid=u*)(sn=la*)(cn=full*)(givenname=f*)(uid>=u)(!(givenname=NULL)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid5)(sn=*)(cn=*)(givenname=*)(uid=u*)(sn=la*)(cn=full*)(givenname=f*)(uid>=u)(!(givenname=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(objectclass=*)(sn=last))(&(givenname=first1)))-1] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(objectclass=*)(sn=last))(&(givenname=first1)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(sn=last1)(givenname=NULL))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(sn=last1)(givenname=NULL))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(sn=last1)(givenname=NULL)))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(sn=last1)(givenname=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(&(sn=last1))(&(givenname=NULL))))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(&(sn=last1))(&(givenname=NULL))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(&(sn=last1))(&(givenname=NULL)(sn=*)))(|(sn=NULL)))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(&(sn=last1))(&(givenname=NULL)(sn=*)))(|(sn=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=uid1)(&(&(sn=last*))(&(givenname=first*)))(&(sn=NULL)))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=uid1)(&(&(sn=last*))(&(givenname=first*)))(&(sn=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=NULL)(sn=NULL)(givenname=NULL))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=NULL)(sn=NULL)(givenname=NULL))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=NULL)(|(sn=NULL)(givenname=NULL)))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=NULL)(|(sn=NULL)(givenname=NULL)))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=NULL)(|(|(sn=NULL))(|(givenname=NULL))))-0] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=NULL)(|(|(sn=NULL))(|(givenname=NULL))))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*))-5] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*)(uid=*))"...
Passed suites/filter/complex_filters_test.py::test_filters[(uid>=uid3)-3] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(uid>=uid3)"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid=*)(uid>=uid3))-3] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid=*)(uid>=uid3))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(uid>=uid3)(uid<=uid5))-5] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(uid>=uid3)(uid<=uid5))"...
Passed suites/filter/complex_filters_test.py::test_filters[(&(uid>=uid3)(uid<=uid5))-3] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(&(uid>=uid3)(uid<=uid5))"...
Passed suites/filter/complex_filters_test.py::test_filters[(|(&(uid>=uid3)(uid<=uid5))(uid=*))-5] 0.00
------------------------------ Captured log call -------------------------------
complex_filters_test.py 119 INFO Testing filter "(|(&(uid>=uid3)(uid<=uid5))(uid=*))"...
Passed suites/filter/filter_logic_test.py::test_eq 0.00
------------------------------ Captured log setup ------------------------------
topologies.py 106 INFO Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/filter/filter_logic_test.py::test_sub 0.00